16 matches found
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2026-1394)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2026-1240)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OPENSUSE-SU-2026:20308-1 Security update for go1.24-openssl
This update for go1.24-openssl fixes the following issues: - Update to version 1.24.13 jscSLE-18320 - CVE-2025-58189: crypto/tls: ALPN negotiation error contains attacker controlled information. bsc1251255 - CVE-2025-61725: net/mail: excessive CPU consumption in ParseAddress. bsc1251253 -...
Security Bulletin: Multiple secuirty vulnerabilies addressed with IBM Business Automation Workflow containers January 2026
Summary In addition to updating many operating system level packages, IBM Business Automation Workflow container fixes address the following vulnerabilities. Vulnerability Details CVEID:CVE-2025-47912 DESCRIPTION: The Parse function permits values other than IPv6 addresses to be included in squar...
SUSE-SU-2026:0297-1 Security update for go1.25-openssl
This update for go1.25-openssl fixes the following issues: Update to version 1.25.6 released 2026-01-15 jscSLE-18320, bsc1244485: Security fixes: - CVE-2025-4674 cmd/go: disable support for multiple vcs in one module bsc1246118. - CVE-2025-47906 os/exec: LookPath bug: incorrect expansion of '', '...
SUSE: Security Advisory (SUSE-SU-2025:21192-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OPENSUSE-SU-2025:20157-1 Security update for go1.25
This update for go1.25 fixes the following issues: Update to go1.25.5. Security issues fixed: - CVE-2025-61729: crypto/x509: excessive resource consumption in printing error string for host certificate validation bsc1254431. - CVE-2025-61727: crypto/x509: excluded subdomain constraint doesn't...
CVE-2025-58186 vulnerabilities
Vulnerabilities for packages: cluster-api-provider-vsphere-fips, helm-push, pgwatch, terraform-provider-azuread, sealed-secrets, velero, crossplane-function-auto-ready-fips, aws-s3-controller, task, net-kourier-fips, local-static-provisioner-fips, secrets-store-csi-driver-provider-aws-fips, pguse...
CVE-2025-58186
creationtimestamp| type| source ---|---|--- 2025-10-30 03:41:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m4f24drrw42k 2025-10-30 12:01:03+00:00| seen| https://bsky.app/profile/lambdawatchdog.bsky.social/post/3m4fw2fylbi24 2025-10-30 14:04:15+00:00| seen|...
CVE-2025-58186
Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption...
CVE-2025-58186 Lack of limit when parsing cookies can cause memory exhaustion in net/http
Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption...
openSUSE Security Advisory (SUSE-SU-2025:3682-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2025:3682-1 Security update for go1.24
This update for go1.24 fixes the following issues: go1.24.9 released 2025-10-13 includes fixes to the crypto/x509 package. bsc1236217 crypto/x509: TLS validation fails for FQDNs with trailing dot go1.24.8 released 2025-10-07 includes security fixes to the archive/tar, crypto/tls, crypto/x509,...
SUSE: Security Advisory (SUSE-SU-2025:03547-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux Distros Unpatched Vulnerability : CVE-2025-58186
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such ...
Security update for go1.25
This update for go1.25 fixes the following issues: go1.25.2 released 2025-10-07 includes security fixes to the archive/tar, crypto/tls, crypto/x509, encoding/asn1, encoding/pem, net/http, net/mail, net/textproto, and net/url packages, as well as bug fixes to the compiler, the runtime, and the...