Linux Distros Unpatched Vulnerability : CVE-2014-2901

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wolfssl before 3.2.0 does not properly issue certificates for a server's hostname. CVE-2014-2901 Note that Nessus relies on the presence of the package as...

Linux Distros Unpatched Vulnerability : CVE-2020-24585

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the DTLS handshake implementation in wolfSSL before 4.5.0. Clear DTLS applicationdata messages in epoch 0 do not produce an...

Linux Distros Unpatched Vulnerability : CVE-2022-25640

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In wolfSSL before 5.2.0, a TLS 1.3 server cannot properly enforce a requirement for mutual authentication. A client can simply omit the certificateverify messag...

Linux Distros Unpatched Vulnerability : CVE-2019-19960

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In wolfSSL before 4.3.0, wceccmulmodex does not properly resist side-channel attacks. CVE-2019-19960 Note that Nessus relies on the presence of the package as...

Linux Distros Unpatched Vulnerability : CVE-2021-24116

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In wolfSSL through 4.6.0, a side-channel vulnerability in base64 PEM file decoding allows system-level administrator attackers to obtain information about secre...

Linux Distros Unpatched Vulnerability : CVE-2025-7394

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the OpenSSL compatibility layer implementation, the function RANDpoll was not behaving as expected and leading to the potential for predictable values return...

CBL Mariner 2.0 Security Update: mysql (CVE-2025-5025)

The version of mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-5025 advisory. - libcurl supports pinning of the server certificate public key for HTTPS transfers. Due to an omission, this...

SUSE CVE-2025-7394

In the OpenSSL compatibility layer implementation, the function RANDpoll was not behaving as expected and leading to the potential for predictable values returned from RANDbytes after fork is called. This can lead to weak or predictable random numbers generated in applications that are both using...

SUSE CVE-2025-7396

In wolfSSL release 5.8.2 blinding support is turned on by default for Curve25519 in applicable builds. The blinding configure option is only for the base C implementation of Curve25519. It is not needed, or available with; ARM assembly builds, Intel assembly builds, and the small Curve25519...

CVE-2025-7396

In wolfSSL release 5.8.2 blinding support is turned on by default for Curve25519 in applicable builds. The blinding configure option is only for the base C implementation of Curve25519. It is not needed, or available with; ARM assembly builds, Intel assembly builds, and the small Curve25519...

CVE-2025-7395

A certificate verification error in wolfSSL when building with the WOLFSSLSYSCACERTS and WOLFSSLAPPLENATIVECERTVALIDATION options results in the wolfSSL client failing to properly verify the server certificate's domain name, allowing any certificate issued by a trusted CA to be accepted regardles...

CVE-2025-7394

In the OpenSSL compatibility layer implementation, the function RANDpoll was not behaving as expected and leading to the potential for predictable values returned from RANDbytes after fork is called. This can lead to weak or predictable random numbers generated in applications that are both using...

CVE-2025-7395

A certificate verification error in wolfSSL when building with the WOLFSSLSYSCACERTS and WOLFSSLAPPLENATIVECERTVALIDATION options results in the wolfSSL client failing to properly verify the server certificate's domain name, allowing any certificate issued by a trusted CA to be accepted regardles...

CVE-2025-7394

In the OpenSSL compatibility layer implementation, the function RANDpoll was not behaving as expected and leading to the potential for predictable values returned from RANDbytes after fork is called. This can lead to weak or predictable random numbers generated in applications that are both using...

CVE-2025-7396

In wolfSSL release 5.8.2 blinding support is turned on by default for Curve25519 in applicable builds. The blinding configure option is only for the base C implementation of Curve25519. It is not needed, or available with; ARM assembly builds, Intel assembly builds, and the small Curve25519...

CVE-2025-7395

A certificate verification error in wolfSSL when building with the WOLFSSLSYSCACERTS and WOLFSSLAPPLENATIVECERTVALIDATION options results in the wolfSSL client failing to properly verify the server certificate's domain name, allowing any certificate issued by a trusted CA to be accepted regardles...

DEBIAN-CVE-2025-7394

In the OpenSSL compatibility layer implementation, the function RANDpoll was not behaving as expected and leading to the potential for predictable values returned from RANDbytes after fork is called. This can lead to weak or predictable random numbers generated in applications that are both using...

CVE-2025-7394

In the OpenSSL compatibility layer implementation, the function RANDpoll was not behaving as expected and leading to the potential for predictable values returned from RANDbytes after fork is called. This can lead to weak or predictable random numbers generated in applications that are both using...

CVE-2025-7396

In wolfSSL release 5.8.2 blinding support is turned on by default for Curve25519 in applicable builds. The blinding configure option is only for the base C implementation of Curve25519. It is not needed, or available with; ARM assembly builds, Intel assembly builds, and the small Curve25519...

UBUNTU-CVE-2025-7394

In the OpenSSL compatibility layer implementation, the function RANDpoll was not behaving as expected and leading to the potential for predictable values returned from RANDbytes after fork is called. This can lead to weak or predictable random numbers generated in applications that are both using...