Lucene search
K

100 matches found

RedHat Linux
RedHat Linux
added 3 days ago4 views

gnutls: gnutls: Security bypass due to incorrect name constraint handling

A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities CAs only had excluded name constraints. A remote attacker could exploit this to bypass critical name constraint checks during certificate...

7.4CVSS5.8AI score0.00475EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 3 days ago4 views

gnutls: gnutls: Security bypass due to incorrect name constraint handling

A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities CAs only had excluded name constraints. A remote attacker could exploit this to bypass critical name constraint checks during certificate...

7.4CVSS5.8AI score0.00475EPSS
Exploits0References5
EUVD
EUVD
added last week6 views

EUVD-2026-39555

X.509 name constraint bypass via the Subject Common Name when treated as a DNS-type name. A certificate whose Subject CN violates an issuing CA's DNS name constraints could be accepted...

6CVSS5.8AI score0.00124EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/26 7:4 a.m.9 views

gnutls: gnutls: Security bypass due to incorrect name constraint handling

A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities CAs only had excluded name constraints. A remote attacker could exploit this to bypass critical name constraint checks during certificate...

7.4CVSS5.8AI score0.00475EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/08 7:31 p.m.9 views

CVE-2026-42225

A flaw was found in PJSIP. On GnuTLS builds, the SIP TLS transport siptransporttls can accept connections with invalid or untrusted certificates even when the application explicitly enables certificate verification via verifyserver = PJTRUE or verifyclient = PJTRUE...

8.2CVSS5.7AI score0.00161EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-42225

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport siptransporttls ca...

8.2CVSS5.3AI score0.00161EPSS
Exploits0References2
OSV
OSV
added 2026/05/07 8:16 p.m.9 views

DEBIAN-CVE-2026-42225

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport siptransporttls can accept connections with invalid or untrusted certificates even when the application explicitly enables certificate verification via...

5.9CVSS5.7AI score0.00161EPSS
Exploits0References1
NVD
NVD
added 2026/05/07 8:16 p.m.15 views

CVE-2026-42225

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport siptransporttls can accept connections with invalid or untrusted certificates even when the application explicitly enables certificate verification via...

8.2CVSS0.00161EPSS
Exploits0References3
OSV
OSV
added 2026/05/07 8:16 p.m.6 views

UBUNTU-CVE-2026-42225

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport siptransporttls can accept connections with invalid or untrusted certificates even when the application explicitly enables certificate verification via...

8.2CVSS5.7AI score0.00161EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/07 6:47 p.m.13 views

EUVD-2026-28428

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport siptransporttls can accept connections with invalid or untrusted certificates even when the application explicitly enables certificate verification via...

8.2CVSS5.7AI score0.00161EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/07 6:47 p.m.9 views

CVE-2026-42225 GnuTLS backend silently skips certificate chain verification when verify_peer is false

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport siptransporttls can accept connections with invalid or untrusted certificates even when the application explicitly enables certificate verification via...

8.2CVSS5.7AI score0.00161EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/07 6:47 p.m.7 views

CVE-2026-42225

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport siptransporttls can accept connections with invalid or untrusted certificates even when the application explicitly enables certificate verification via...

8.2CVSS5.7AI score0.00161EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2026/05/07 6:47 p.m.8 views

CVE-2026-42225

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport siptransporttls can accept connections with invalid or untrusted certificates even when the application explicitly enables certificate verification via...

8.2CVSS5.7AI score0.00161EPSS
Exploits0
NVD
NVD
added 2026/05/07 3:16 p.m.20 views

CVE-2026-42011

A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities CAs only had excluded name constraints. A remote attacker could exploit this to bypass critical name constraint checks during certificate...

7.4CVSS0.00475EPSS
Exploits0References15
ATTACKERKB
ATTACKERKB
added 2026/05/07 1:51 p.m.13 views

CVE-2026-42011

A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities CAs only had excluded name constraints. A remote attacker could exploit this to bypass critical name constraint checks during certificate...

7.4CVSS5.8AI score0.00475EPSS
Exploits0References16
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.12 views

PJSIP 信任管理问题漏洞

PJSIP is an open-source, free and open-source multimedia communication library developed in C language. It implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Prior to PJSIP version 2.17, there were vulnerabilities related to trust management. These vulnerabilities...

8.2CVSS5.8AI score0.00161EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.10 views

GnuTLS 信任管理问题漏洞

GnuTLS is an open-source, free security communication library developed by GnuTLS. GnuTLS has a trust management vulnerability. This vulnerability arises when the previous certificate issuer only had exclusion from name constraints, and the allowed name constraints were incorrectly ignored. This...

7.4CVSS5.8AI score0.00475EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:11 p.m.6 views

CVE-2026-32293

The GL-iNet Comet GL-RM1 KVM connects to a GL-iNet site during boot-up to provision client and CA certificates. The GL-RM1 does not verify certificates used for this connection, allowing an attacker-in-the-middle to serve invalid client and CA certificates. The GL-RM1 will attempt to use the...

6.3CVSS5.9AI score0.00332EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/17 5:19 p.m.3 views

CVE-2026-32293

The GL-iNet Comet GL-RM1 KVM connects to a GL-iNet site during boot-up to provision client and CA certificates. The GL-RM1 does not verify certificates used for this connection, allowing an attacker-in-the-middle to serve invalid client and CA certificates. The GL-RM1 will attempt to use the...

6.3CVSS5.7AI score0.00332EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/17 12:0 a.m.14 views

PT-2026-25915

The GL-iNet Comet GL-RM1 KVM connects to a GL-iNet site during boot-up to provision client and CA certificates. The GL-RM1 does not verify certificates used for this connection, allowing an attacker-in-the-middle to serve invalid client and CA certificates. The GL-RM1 will attempt to use the...

6.3CVSS5.7AI score0.00332EPSS
Exploits0References6
Rows per page
Query Builder