Lucene search
+L

495 matches found

SUSE Linux
SUSE Linux
added 2026/05/08 8:58 a.m.8 views

Security update for strongswan

This update for strongswan fixes the following issues: CVE-2026-35329: NULL pointer dereference when processing padding in PKCS7 bsc1261717. CVE-2026-35330: integer underflow when handling EAP-SIM/AKA attributes bsc1261705. CVE-2026-35331: acceptance of certificates violating X.509 name constrain...

9.2CVSS5.8AI score
Exploits6References24
OSV
OSV
added 2026/05/08 8:58 a.m.6 views

SUSE-SU-2026:1762-1 Security update for strongswan

This update for strongswan fixes the following issues: - CVE-2026-35329: NULL pointer dereference when processing padding in PKCS7 bsc1261717. - CVE-2026-35330: integer underflow when handling EAP-SIM/AKA attributes bsc1261705. - CVE-2026-35331: acceptance of certificates violating X.509 name...

5.8AI score
Exploits6References13
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.6 views

SUSE SLED15 / SLES15 Security Update : strongswan (SUSE-SU-2026:1637-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1637-1 advisory. - CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. - CVE-2026-35329:...

5.8AI score
Exploits6References22
SUSE Linux
SUSE Linux
added 2026/04/27 4:59 p.m.11 views

Security update for strongswan

This update for strongswan fixes the following issues: CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. CVE-2026-35329: null pointer dereference when processing padding in PKCS7 bsc1261717. CVE-2026-35330: integer underflow when handling EAP-SIM/AKA...

9.2CVSS5.2AI score
Exploits6References28
OSV
OSV
added 2026/04/27 4:59 p.m.3 views

SUSE-SU-2026:1637-1 Security update for strongswan

This update for strongswan fixes the following issues: - CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. - CVE-2026-35329: null pointer dereference when processing padding in PKCS7 bsc1261717. - CVE-2026-35330: integer underflow when handling EAP-SIM/AKA...

5.2AI score
Exploits6References15
OSV
OSV
added 2026/04/27 11:41 a.m.14 views

USN-8196-2 strongswan vulnerabilities

USN-8196-1 fixed vulnerabilities in strongSwan. This update provides the corresponding update to Ubuntu 26.04 LTS. Original advisory details: Haruto Kimura discovered that strongSwan incorrectly handled the supportedversions extension in TLS. A remote attacker could possibly use this issue to cau...

6AI score
Exploits6References8
SUSE CVE
SUSE CVE
added 2026/04/24 1:27 a.m.12 views

SUSE CVE-2026-41989

Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt...

6.7CVSS6AI score0.00182EPSS
Exploits0References3
Snyk
Snyk
added 2026/04/24 12:51 a.m.4 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the gcrypkdecrypt function when processing crafted ECDH ciphertext. An attacker can cause a heap-based buffer overflow and potentially achieve denial of service or impact integrity and availability by supplying...

7.5CVSS6AI score0.00182EPSS
Exploits0References2
NVD
NVD
added 2026/04/23 5:16 a.m.8 views

CVE-2026-41989

Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt...

6.7CVSS0.00182EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.13 views

Libgcrypt 缓冲区错误漏洞

Libgcrypt is a general-purpose encryption library based on GnuPG code from the American GNU community. This library implements various encryption algorithms, including symmetric ciphers, hash algorithms, public key algorithms, etc. Versions of Libgcrypt prior to 1.12.2 contained a buffer error...

6.7CVSS6.1AI score0.00182EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.5 views

PT-2026-34640

Name of the Vulnerable Software and Affected Versions Libgcrypt versions prior to 1.12.2 Description A heap-based buffer overflow and denial of service can occur when processing crafted ECDH ciphertext through the gcry pk decrypt function. Recommendations Update to version 1.12.2 or later...

6.7CVSS6AI score0.00182EPSS
Exploits0References27
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.9 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : strongSwan vulnerabilities (USN-8196-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8196-1 advisory. Haruto Kimura discovered that strongSwan incorrectly handled the supportedversions extension in TLS. A remote attacker could possibly...

6.1AI score
Exploits6References8
UbuntuCve
UbuntuCve
added 2026/04/22 12:0 p.m.14 views

CVE-2026-35332

NULL-Pointer Dereference When Handling ECDH Public Value in TLS...

5.7AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.22 views

PT-2026-35580

USN-8196-1 fixed vulnerabilities in strongSwan. This update provides the corresponding update to Ubuntu 26.04 LTS. Original advisory details: Haruto Kimura discovered that strongSwan incorrectly handled the supported versions extension in TLS. A remote attacker could possibly use this issue to...

5.9AI score
Exploits6References36
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.14 views

PT-2026-35581

USN-8196-1 fixed vulnerabilities in strongSwan. This update provides the corresponding update to Ubuntu 26.04 LTS. Original advisory details: Haruto Kimura discovered that strongSwan incorrectly handled the supported versions extension in TLS. A remote attacker could possibly use this issue to...

5.9AI score
Exploits6References37
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.7 views

PT-2026-35583

USN-8196-1 fixed vulnerabilities in strongSwan. This update provides the corresponding update to Ubuntu 26.04 LTS. Original advisory details: Haruto Kimura discovered that strongSwan incorrectly handled the supported versions extension in TLS. A remote attacker could possibly use this issue to...

5.9AI score
Exploits6References37
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.15 views

PT-2026-35584

USN-8196-1 fixed vulnerabilities in strongSwan. This update provides the corresponding update to Ubuntu 26.04 LTS. Original advisory details: Haruto Kimura discovered that strongSwan incorrectly handled the supported versions extension in TLS. A remote attacker could possibly use this issue to...

5.9AI score
Exploits6References36
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/16 1:4 p.m.6 views

Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin App has addressed the applicable CVEs with an update. Vulnerability Details CVEID:CVE-2026-26007 DESCRIPTION: cryptography is a package...

8.2CVSS5.8AI score0.00341EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/15 11:46 a.m.4 views

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring and Dashboard operands are vulnerable to loss of confidentiality (CVE-2026-26007)

Summary Python module cryptography is used by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance and Dashboard operands that enable the App Connect Enterprise Agent are vulnerable to loss of...

8.2CVSS5.8AI score0.00341EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/04/10 11:26 a.m.4 views

SUSE-SU-2026:21165-1 Security update for python-cryptography

This update for python-cryptography fixes the following issues: - CVE-2026-34073: Fixed X.509 bypass of name constraints on wildcard SANs with matching peer names. bsc1260876 - CVE-2026-26007: missing validation can lead to security issues for signature verification ECDSA and shared key negotiati...

8.2CVSS5.8AI score0.00341EPSS
Exploits0References5
Rows per page
Query Builder