1492 matches found
EUVD-2022-37253
Malicious code in bioql PyPI...
EUVD-2022-28486
Malicious code in bioql PyPI...
EUVD-2022-40749
Malicious code in bioql PyPI...
EUVD-2022-45963
Malicious code in bioql PyPI...
SUSE SLED15: curl / libcurl-devel / libcurl-devel-32bit / libcurl4 / etc (SUSE-SU-2025:03198-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03198-1 advisory. Update to version 8.14.1 jscPED-13055, jscPED-13056. Security issues fixed: - CVE-2025-0665:...
Security update for curl
This update for curl fixes the following issues: CVE-2025-5399: libcurl can possibly get trapped in an endless busy-loop when processing specially crafted packets bsc1243933. CVE-2025-5025: No QUIC certificate pinning with wolfSSL bsc1243706. CVE-2025-4947: QUIC certificate check skip with wolfSS...
SUSE-SU-2025:20675-1 Security update for curl
This update for curl fixes the following issues: - CVE-2025-5399: libcurl can possibly get trapped in an endless busy-loop when processing specially crafted packets bsc1243933. - CVE-2025-5025: No QUIC certificate pinning with wolfSSL bsc1243706. - CVE-2025-4947: QUIC certificate check skip with...
Linux Distros Unpatched Vulnerability : CVE-2019-14317
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wolfSSL and wolfCrypt 4.1.0 and earlier formerly known as CyaSSL generate biased DSA nonces. This allows a remote attacker to compute the long term private key...
Linux Distros Unpatched Vulnerability : CVE-2022-42961
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in wolfSSL before 5.5.0. A fault injection attack on RAM via Rowhammer leads to ECDSA key disclosure. Users performing signing operation...
Linux Distros Unpatched Vulnerability : CVE-2018-16870
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was found that wolfssl before 3.15.7 is vulnerable to a new variant of the Bleichenbacher attack to perform downgrade attacks against TLS. This may lead to...
Linux Distros Unpatched Vulnerability : CVE-2019-19962
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in RSA cryptography. CVE-2019-19962 Note that Nessus relies on the...
Linux Distros Unpatched Vulnerability : CVE-2019-16748
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In wolfSSL through 4.1.0, there is a missing sanity check of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a...
Linux Distros Unpatched Vulnerability : CVE-2020-11735
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular inverse when mapping to affine coordinates, aka a projective...
Linux Distros Unpatched Vulnerability : CVE-2020-36177
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RsaPadPSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-of-bounds write for certain relationships between key size and digest size. CVE-2020-36177...
Linux Distros Unpatched Vulnerability : CVE-2020-12457
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in wolfSSL before 4.5.0. It mishandles the change_cipher_spec (CCS) message processing logic for TLS 1.3. If an attacker sends...
Linux Distros Unpatched Vulnerability : CVE-2020-24613
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wolfSSL before 4.5.0 mishandles TLS 1.3 server data in the WAIT_CERT_CR state, within SanityCheckTls13MsgReceived in tls13.c. This is an incorrect implementation ...
Linux Distros Unpatched Vulnerability : CVE-2022-23408
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects connections without AEAD using AES-CBC or DES3 with TLS 1.1 or 1.2 or DTL...
Linux Distros Unpatched Vulnerability : CVE-2022-38153
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in wolfSSL before 5.5.0 when --enable-session-ticket is used...
Linux Distros Unpatched Vulnerability : CVE-2021-38597
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wolfSSL before 4.8.1 incorrectly skips OCSP verification in certain situations of irrelevant response data that contains the NoCheck extension. CVE-2021-38597...
Linux Distros Unpatched Vulnerability : CVE-2019-19963
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in wolfSSL before 4.3.0 in a non-default configuration where DSA is enabled. DSA signing uses the BEEA algorithm during modular inversio...