Lucene search
K

280 matches found

CNNVD
CNNVD
added 2026/04/08 12:0 a.m.10 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from the crypto/tls component. Sending multiple key update messages after a handshake in ...

7.5CVSS7.3AI score0.00621EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.4 views

PT-2026-31061

Name of the Vulnerable Software and Affected Versions versions prior to 2.3 Description An issue exists in the way certificate chains are processed, specifically during chain building. The amount of work performed isn't properly limited when a large number of intermediate certificates are provide...

9.8CVSS5.8AI score0.00615EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/04/01 9:29 a.m.10 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.5AI score0.00765EPSS
Exploits1References8
OSV
OSV
added 2026/03/20 3:6 p.m.7 views

SUSE-SU-2026:0947-1 Security update for go1.25-openssl

This update for go1.25-openssl fixes the following issues: Update to go 1.25.8 bsc1244485, jscSLE-18320: - CVE-2025-61732: cmd/cgo: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. - CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated...

10CVSS7.3AI score0.00765EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2026/03/19 12:0 a.m.5 views

MiracleLinux 8 : container-tools:rhel8 (AXSA:2026-338:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-338:01 advisory. golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip CVE-2025-61728 golang: net/url: Memory exhaustion in query...

10CVSS7.3AI score0.01945EPSS
Exploits2References4
Rockylinux
Rockylinux
added 2026/03/17 6:0 a.m.9 views

container-tools:rhel8 security update

An update is available for module.skopeo, aardvark-dns, crun, module.udica, module.cockpit-podman, module.criu, conmon, runc, containernetworking-plugins, python-podman, toolbox, module.oci-seccomp-bpf-hook, module.containers-common, podman, module.aardvark-dns, module.libslirp, fuse-overlayfs,...

10CVSS7.2AI score0.01945EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2026/03/17 4:1 a.m.32 views

Important: Red Hat Security Advisory: container-tools:rhel8 security update

An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

10CVSS7.2AI score0.01945EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2026/03/15 12:0 a.m.9 views

MiracleLinux 8 : osbuild-composer-101.4-4.el8_10.ML.1 (AXSA:2026-304:05)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-304:05 advisory. golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61726 crypto/tls: Unexpected session resumption in crypto/tls...

10CVSS5.9AI score0.01945EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/03/13 12:0 a.m.4 views

AlmaLinux 8 : git-lfs (ALSA-2026:3985)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:3985 advisory. golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61726 crypto/tls: Unexpected session resumption in crypto/tls...

10CVSS5.9AI score0.01945EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2026/03/11 6:5 a.m.6 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.5AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/03/10 12:12 p.m.4 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.5AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/03/10 12:12 p.m.4 views

Important: Red Hat Security Advisory: opentelemetry-collector security update

An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

10CVSS7.1AI score0.01945EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/03/09 12:0 a.m.2 views

MiracleLinux 9 : delve-1.25.2-2.el9_7 (AXSA:2026-275:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2026-275:01 advisory. crypto/tls: Unexpected session resumption in crypto/tls CVE-2025-68121 Tenable has extracted the preceding description block directly from the MiracleLinux...

10CVSS5.8AI score0.00765EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/03/04 12:0 a.m.5 views

SUSE SLES15 Security Update : go1 (SUSE-SU-2026:0687-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0687-1 advisory. Update to version 1.24.13 jscSLE-18320, bsc1236217. Security issues fixed: - CVE-2025-61732: cmd/cgo: discrepancy between Go and...

10CVSS6.4AI score0.00765EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2026/03/03 12:0 a.m.2 views

RockyLinux 9 : buildah (RLSA-2026:3298)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:3298 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: net/url: Memory exhaustion in...

10CVSS6AI score0.01945EPSS
Exploits3References7
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/02 2:9 p.m.4 views

Security Bulletin: IBM App Connect Enterprise Certified Container operator and operands are vulnerable to denial of service (CVE-2025-61726, CVE-2025-61728) and loss of confidentiality (CVE-2025-61730)

Summary IBM App Connect Enterprise Certified Container operator, and DesignerAuthoring, IntegrationServer and IntegrationRuntime operands are vulnerable to denial of service CVE-2025-61726, CVE-2025-61728 and loss of confidentiality CVE-2025-61730. This bulletin provides patch information to...

7.5CVSS5.9AI score0.01945EPSS
Exploits1Affected Software1
OSV
OSV
added 2026/02/26 8:47 p.m.7 views

RLSA-2026:3297 Important: buildah security update

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...

7.5CVSS7.7AI score0.01945EPSS
Exploits3References4
Rockylinux
Rockylinux
added 2026/02/26 8:45 p.m.11 views

podman security update

An update is available for podman. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The podman tool manages pods, container images, and containers. It is part of...

10CVSS5.8AI score0.01945EPSS
Exploits4
Rockylinux
Rockylinux
added 2026/02/26 8:43 p.m.10 views

grafana-pcp security update

An update is available for grafana-pcp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Grafana plugin for Performance Co-Pilot includes datasources for...

10CVSS5.7AI score0.01945EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/02/26 12:0 a.m.5 views

RockyLinux 9 : grafana-pcp (RLSA-2026:3040)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:3040 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: net/url: Memory exhaustion in...

10CVSS6AI score0.01945EPSS
Exploits3References7
Rows per page
Query Builder