1243 matches found
crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...
crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...
crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...
Astra Linux – Vulnerability in openconnect
OpenConnect 8.09 has a buffer overflow issue, which can lead to a denial of service application crash or potentially cause unspecified other problems, due to the use of crafted certificate data in the getcertname function within gnutls.c...
Astra Linux – Vulnerability in StrongSwan
Before version 5.9.8, StrongSwan allowed remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity and intermediate CA certificate that contained a CRL/OCSP URL pointing to a server under the attacker’s control that did not respond properly. In some...
Astra Linux – Vulnerability in libtasn1-6
A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even cause the system to crash. This flaw allows an attacker to send a specially crafted...
crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...
crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...
crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...
crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...
crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...
EulerOS 2.0 SP13 : glib-networking (EulerOS-SA-2026-2289)
According to the versions of the glib-networking package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in glib-networking. A malicious Transport Layer Security TLS server can exploit an out- of-bounds read and invalid free...
CVE-2026-20199
A vulnerability in the SSL certificate handling of Cisco ThousandEyes Virtual Appliance could allow an authenticated, remote attacker to execute commands on the underlying operating system as the root user. This vulnerability is due to insufficient validation of user-supplied input. An...
ALPINE-CVE-2026-42012
A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier URI or Service SRV Subject Alternative Names SANs. This could cause the certificate validation process to incorrectly fall back to...
EUVD-2026-32010
A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier URI or Service SRV Subject Alternative Names SANs. This could cause the certificate validation process to incorrectly fall back to...
RockyLinux 8 : osbuild-composer (RLSA-2026:2124)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:2124 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 Tenable has extracted the preceding descriptio...
CVE-2026-20199
A vulnerability in the SSL certificate handling of Cisco ThousandEyes Virtual Appliance could allow an authenticated, remote attacker to execute commands on the underlying operating system as the root user. This vulnerability is due to insufficient validation of user-supplied input. An...
CVE-2026-20199
CVE-2026-20199 affects Cisco ThousandEyes Virtual Appliance. The issue stems from insufficient validation in SSL certificate handling, allowing an authenticated, remote attacker (with valid admin credentials) to upload a crafted certificate and execute arbitrary code as root on the underlying OS....
CVE-2026-20199
A vulnerability in the SSL certificate handling of Cisco ThousandEyes Virtual Appliance could allow an authenticated, remote attacker to execute commands on the underlying operating system as the root user. This vulnerability is due to insufficient validation of user-supplied input. An...
Cisco ThousandEyes Virtual Appliance Authenticated Remote Code Execution Vulnerability
A vulnerability in the SSL certificate handling of Cisco ThousandEyes Virtual Appliance could allow an authenticated, remote attacker to execute commands on the underlying operating system as the root user. This vulnerability is due to insufficient validation of user-supplied input. An...