CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 2026/06/09 11:19 a.m.•7 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

Snyk•added 2026/05/22 5:32 a.m.•5 views

Uncaught Exception

Overview github.com/golang/crypto/ssh is a SSH client and server Affected versions of this package are vulnerable to Uncaught Exception in the CertChecker component when used as a public key callback without setting IsUserAuthority or IsHostAuthority. An attacker can cause the server to panic by...

8.7CVSS5.8AI score0.0021EPSS

Exploits0References2

Snyk•added 2026/05/22 5:32 a.m.•6 views

Allocation of Resources Without Limits or Throttling

Overview github.com/golang/crypto/ssh is a SSH client and server Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the public key parsers. An attacker can exhaust CPU resources by submitting crafted RSA or DSA public keys with excessively...

7.5CVSS5.8AI score0.00304EPSS

Exploits0References2

RedHat Linux•added 2026/05/20 1:17 p.m.•38 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

RedHat Linux•added 2026/05/19 4:11 p.m.•21 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

RedHat Linux•added 2026/05/11 10:53 p.m.•8 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

RedHat Linux•added 2026/05/11 6:39 p.m.•9 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

RedHat Linux•added 2026/05/11 12:26 p.m.•10 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

Packet Storm News•added 2026/04/05 12:0 a.m.•0 views

Merkle Tree Certificate Post-Quantum PKI for Kubernetes and Cloud-Native 5G/B5G Core

Post-quantum signature schemes such as ML-DSA-65 produce signatures of 3,309 bytes and public keys of 1,952 bytes over 50 times larger than classical Ed25519. In TLS-authenticated environments like Kubernetes control planes and 5G Core networks, where every inter-component connection is mutually...

5.9AI score

Exploits0

Tenable Nessus•added 2026/01/15 12:0 a.m.•3 views

RockyLinux 10 : buildah (RLSA-2026:0436)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:0436 advisory. golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSHAGENTSUCCESS CVE-2025-47913 Tenable has extracted the precedi...

7.5CVSS6.6AI score0.00579EPSS

Exploits1References3

Ubuntu•added 2026/01/13 6:41 a.m.•5 views

USN-7956-1: Google Guest Agent vulnerability

Jakub Ciolek discovered that the Go Cryptography module included in Google Guest Agent did not validate GSSAPI authentication requests during SSH operations. An attacker could possibly use this issue to cause a denial of service...

5.3CVSS6.8AI score0.00521EPSS

Exploits0

Filippo.io•added 2025/11/20 3:42 p.m.•13 views

The 2025 Go Cryptography State of the Union

This past August, I delivered my traditional Go Cryptography State of the Union talk at GopherCon US 2025 in New York. It goes into everything that happened at the intersection of Go and cryptography over the last year. You can watch the video with manually edited subtitles, for my fellow subtitl...

7.1AI score

Exploits0

OpenVAS•added 2025/11/04 12:0 a.m.•3 views

Ubuntu: Security Advisory (USN-7839-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS6.8AI score0.03092EPSS

Ubuntu•added 2025/11/03 10:18 a.m.•7 views

USN-7839-2: Google Guest Agent vulnerability

USN-7839-1 fixed vulnerabilities in Go Cryptography. This update provides the corresponding update in the Go Cryptography module included in Google Guest Agent. Original advisory details: Damien Tournoud, Patrick Dawkins, Vince Parker, and Jules Duvivier discovered that Go Cryptography incorrectl...

9.1CVSS7.6AI score0.03092EPSS

Exploits2

OSV•added 2025/11/03 10:18 a.m.•6 views

USN-7839-2 google-guest-agent vulnerability

9.1CVSS6.8AI score0.03092EPSS

Tenable Nessus•added 2025/10/24 12:0 a.m.•3 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Go Cryptography vulnerability (USN-7839-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7839-1 advisory. Damien Tournoud, Patrick Dawkins, Vince Parker, and Jules Duvivier discovered that Go Cryptography incorrectly...

9.1CVSS7.6AI score0.03092EPSS

Ubuntu•added 2025/10/23 6:49 p.m.•5 views

USN-7839-1: Go Cryptography vulnerability

Damien Tournoud, Patrick Dawkins, Vince Parker, and Jules Duvivier discovered that Go Cryptography incorrectly handled public keys during SSH operations. An attacker could possibly use this issue to bypass authorization mechanisms...

9.1CVSS7.6AI score0.03092EPSS

Exploits2

OSV•added 2025/10/23 6:49 p.m.•3 views

USN-7839-1 golang-go.crypto vulnerability

9.1CVSS6.8AI score0.03092EPSS