Lucene search
K

161 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.15 views

Amazon Linux 2 : containerd, --advisory ALAS2NITRO-ENCLAVES-2026-098 (ALASNITRO-ENCLAVES-2026-098)

The version of containerd installed on the remote host is prior to 2.1.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-098 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the G...

9.8CVSS6.8AI score0.00651EPSS
Exploits0References22
OSV
OSV
added 2026/04/27 6:33 p.m.20 views

JLSEC-2026-225 Read buffer overruns processing ASN.1 strings

ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL 0 byte...

7.4CVSS6.8AI score0.50445EPSS
Exploits0References35
OSV
OSV
added 2026/04/27 5:25 p.m.6 views

CLSA-2026-1777310722 openldap: Fix of 15 CVEs

CVE-2019-13565: SASL session encryption SSF not reset on new connection, allowing downgrade - CVE-2020-12243: slapd crash via deeply nested LDAP search filter boolean expressions - CVE-2020-25692: NULL pointer dereference in slapd during modRDN request - CVE-2020-25709: slapd assertion failure...

7.5CVSS6.8AI score0.84224EPSS
Exploits1References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/14 4:54 p.m.6 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to Inefficient Algorithmic Complexity in crypto/x509 [CVE-2025-58187]

Summary IBM Watson Speech Services Cartridge is vulnerable to Inefficient Algorithmic Complexity in crypto/x509, due to non-linear processing time of some inputs scale with respect to the size of the certificate CVE-2025-58187. Crypto/x509 is used in our speech utilities. This vulnerabilitiy has...

7.5CVSS6.8AI score0.00384EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/04/09 9:16 p.m.4 views

DEBIAN-CVE-2026-5447

Heap buffer overflow in CertFromX509 via AuthorityKeyIdentifier size confusion. A heap buffer overflow occurs when converting an X.509 certificate internally due to incorrect size handling of the AuthorityKeyIdentifier extension...

7.5CVSS5.6AI score0.00222EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/04/09 8:13 p.m.4 views

CVE-2026-5447

Heap buffer overflow in CertFromX509 via AuthorityKeyIdentifier size confusion. A heap buffer overflow occurs when converting an X.509 certificate internally due to incorrect size handling of the AuthorityKeyIdentifier extension...

7.5CVSS5.6AI score0.00222EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/04/08 2:16 a.m.11 views

CVE-2026-32280

During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions.Intermediates, which can lead to a denial of service. This affects both direct users of crypto/x509 and users of crypto/tls...

7.5CVSS5.9AI score0.00615EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/03/11 7:52 a.m.5 views

Important: Red Hat Security Advisory: OpenShift Source To Image 1.6.0

OpenShift Source To Image 1.6.0 Release Release of OpenShift Source To Image 1.6.0...

10CVSS6.7AI score0.01945EPSS
Exploits3References4
RedHat Linux
RedHat Linux
added 2026/03/09 1:29 a.m.8 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS7.1AI score0.00459EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2026/03/05 12:20 p.m.10 views

Important: Red Hat Security Advisory: grafana security update

An update for grafana is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

7.5CVSS6.7AI score0.01945EPSS
Exploits3References4
CNNVD
CNNVD
added 2026/03/04 12:0 a.m.8 views

SonicWALL SonicOS 安全漏洞

SonicWALL SonicOS is an operating system developed by the American company SonicWALL, specifically for use with SonicWall firewall devices. There is a security vulnerability in SonicWall SonicOS, which stems from a stack buffer overflow in certificate processing. This vulnerability could allow...

4.9CVSS6AI score0.00259EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/02/23 1:30 a.m.11 views

Important: Red Hat Security Advisory: grafana-pcp security update

An update for grafana-pcp is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

10CVSS6.7AI score0.01945EPSS
Exploits3References4
OSV
OSV
added 2026/02/23 12:0 a.m.5 views

ALSA-2026:3042 Moderate: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS12 processing CVE-2025-69419...

7.4CVSS6.2AI score0.00444EPSS
Exploits1References4
OSV
OSV
added 2026/02/18 12:0 a.m.7 views

ALSA-2026:2920 Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 grafana/grafana/pkg/services/dashboards: Grafana...

10CVSS7.5AI score0.01945EPSS
Exploits5References12
OpenVAS
OpenVAS
added 2026/02/02 12:0 a.m.4 views

Huawei EulerOS: Security Advisory for libtasn1 (EulerOS-SA-2026-1128)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS7.6AI score0.01025EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/31 12:0 a.m.6 views

EulerOS Virtualization 2.10.1 : libtasn1 (EulerOS-SA-2026-1128)

According to the versions of the libtasn1 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a...

5.3CVSS5.9AI score0.01025EPSS
Exploits0References2
OSV
OSV
added 2026/01/28 12:0 a.m.10 views

ALSA-2026:1472 Important: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS12 file CVE-2025-11187...

9.8CVSS6.3AI score0.47621EPSS
Exploits7References26
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/10 1:53 p.m.7 views

Security Bulletin: A vulnerability in RedHat UBI affects IBM Robotic Process Automation for Cloud Pak and may result in denial of service (CVE-2024-12243).

Summary A vulnerability in RedHat UBI affects IBM Robotic Process Automation for Cloud Pak and may result in a denial of service. RedHat UBI is used as base imaged for IBM Robotic Process Automation for Cloud Pak images. This bulletin identifies the fixes required to address this vulnerability...

5.3CVSS6.5AI score0.01193EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.3 views

Siemens SIMATIC S7-1500 and Ruggedcom ROX Devices Inefficient Algorithmic Complexity (CVE-2024-12133)

A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate,...

5.3CVSS6.6AI score0.01025EPSS
Exploits0References4
OSV
OSV
added 2025/10/31 2:13 p.m.5 views

OESA-2025-2610 gnutls security update

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, and other...

5.3CVSS6.4AI score0.01193EPSS
Exploits0References2
Rows per page
Query Builder