161620 matches found
ALPINE-CVE-2026-33846
A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...
CVE-2026-33846
A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...
“Legitimate” phishing: how attackers weaponize Amazon SES to bypass email security
Introduction The primary goal for attackers in a phishing campaign is to bypass email security and trick the potential victim into revealing their data. To achieve this, scammers employ a wide range of tactics, from redirect links to QR codes. Additionally, they heavily rely on legitimate sources...
Authentication Bypass
Spring gRPC is vulnerable to Authentication Bypass. The vulnerability is due to improper clearing of the authenticated security context on gRPC worker threads, where a previously authenticated identity may persist after an access denial and be reused by a subsequent request, potentially leading t...
CLSA-2026-1777883671 nginx: Fix of 2 CVEs
CVE-2026-27651: fix null pointer dereference in ngxmailauthhttpmodule when authentication retry is enabled with CRAM-MD5 or APOP - CVE-2026-32647: fix buffer over-read/write in ngxhttpmp4module when processing crafted mp4 files with empty stco/co64 atoms...
CVE-2026-43862
In mutt before 2.3.2, the imapauthgss security level is mishandled...
CVE-2026-43860
mutt before 2.3.2 sometimes truncates the hashpasswd by one byte for IMAP authcram MD5 digest...
CVE-2026-43859
mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for the IMAP authcram MD5 digest...
CVE-2026-43862
In mutt before 2.3.2, the imapauthgss security level is mishandled...
Exploit for CVE-2026-6379
CVE-2026-6379 — WP Photo Album Plus :8080/?pageid=" --mode pr...
CLSA-2026-1776163133 tomcat: Fix of 3 CVEs
CVE-2024-52316: fix unchecked error condition in Jakarta Authentication JASPIC ServerAuthContext - CVE-2025-46701: fix case sensitivity bypass in CGI servlet pathInfo - CVE-2025-55754: add escaping to logging output for ANSI sequences...
EUVD-2026-26900
In mutt before 2.3.2, the imapauthgss security level is mishandled...
CVE-2026-43862
CVE-2026-43862 concerns mutt prior to 2.3.2, where the imap_auth_gss security level is mishandled. Affected software: mutt (before 2.3.2). Root cause: mishandling of the imap_auth_gss security level. Impact (per CVSS): low overall impact (Confidentiality: None, Integrity: Low, Availability: None)...
CVE-2026-43862
In mutt before 2.3.2, the imapauthgss security level is mishandled...
CVE-2026-43862
In mutt before 2.3.2, the imapauthgss security level is mishandled...
CVE-2026-43862
In mutt before 2.3.2, the imapauthgss security level is mishandled...
CVE-2026-43862
In mutt before 2.3.2, the imapauthgss security level is mishandled...
CVE-2026-43860
mutt before 2.3.2 sometimes truncates the hashpasswd by one byte for IMAP authcram MD5 digest...
CVE-2026-43860
CVE-2026-43860 affects mutt prior to 2.3.2, where the hash_passwd is sometimes truncated by one byte during IMAP auth_cram MD5 digest. The root cause stated is a truncation issue in handling hash_passwd for IMAP CRAM-MD5 authentication. Publicly available documents do not specify the exact techni...
CVE-2026-43859
mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for the IMAP authcram MD5 digest...