Lucene search
K

952 matches found

Mageia
Mageia
added 2026/05/07 5:6 a.m.17 views

Updated nginx packages fix security vulnerabilities

Buffer overflow in ngxhttpdavmodule CVE-2026-27654 Buffer overflow in the ngxhttpmp4module CVE-2026-27784 Buffer overflow in the ngxhttpmp4module CVE-2026-32647 NULL pointer dereference while using CRAM-MD5 or APOP CVE-2026-27651 Injection in authhttp and XCLIENT CVE-2026-28753 OCSP result bypass...

8.8CVSS7.5AI score0.21621EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2026/05/06 7:55 p.m.16 views

USN-8239-1: Apache HTTP Server vulnerabilities

Bartlomiej Dmitruk and Stanislaw Strzalkowski discovered that Apache HTTP Server incorrectly handled certain memory operations when using the HTTP/2 protocol. A remote attacker could use this issue to cause Apache HTTP Server to crash, resulting in a denial of service, or possibly execute arbitra...

9.8CVSS6.3AI score0.49727EPSS
Exploits18
SUSE CVE
SUSE CVE
added 2026/05/06 1:43 a.m.11 views

SUSE CVE-2026-29168

Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's modmd via OCSP response data. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

5.9CVSS5.8AI score0.00628EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-29168

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's modmd via OCSP response data. This issue affects Apache HTTP Server:...

7.3CVSS7.1AI score0.00628EPSS
Exploits0References2
OSV
OSV
added 2026/05/05 9:46 p.m.7 views

GHSA-XP3W-R5P5-63RR rust-openssl has undefined behavior in X509Ref::ocsp_responders for certificates with non-UTF-8 OCSP URLs

X509Ref::ocspresponders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref wraps the raw bytes with str::fromutf8unchecked. OpenSSL does not enforce that the underlying IA5String is ASCII, so a certificate with non-UTF-8 bytes in its OCSP accessLocation...

8.7CVSS5.9AI score0.00211EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/05 9:46 p.m.13 views

rust-openssl has undefined behavior in X509Ref::ocsp_responders for certificates with non-UTF-8 OCSP URLs

X509Ref::ocspresponders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref wraps the raw bytes with str::fromutf8unchecked. OpenSSL does not enforce that the underlying IA5String is ASCII, so a certificate with non-UTF-8 bytes in its OCSP accessLocation...

8.7CVSS5.9AI score0.00211EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/05/05 2:16 p.m.7 views

DEBIAN-CVE-2026-29168

Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's modmd via OCSP response data. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

7.3CVSS5.8AI score0.00628EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/05 1:10 p.m.9 views

CVE-2026-29168

Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's modmd via OCSP response data. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

7.3CVSS5.8AI score0.00628EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/05 1:10 p.m.116 views

CVE-2026-29168

CVE-2026-29168 affects Apache HTTP Server’s mod_md and is due to an Allocation of Resources Without Limits or Throttling via OCSP response data. Affected are Apache httpd versions 2.4.30 through 2.4.66; upgrading to 2.4.67 fixes the issue. The vulnerability description consistently notes this as ...

7.3CVSS5.8AI score0.00628EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/05 1:10 p.m.117 views

CVE-2026-29168 Apache HTTP Server: mod_md unrestricted OCSP response

Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's modmd via OCSP response data. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

0.00628EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/05/05 1:10 p.m.9 views

CVE-2026-29168

Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's modmd via OCSP response data. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

7.3CVSS5.8AI score0.00628EPSS
Exploits0
OSV
OSV
added 2026/05/05 12:0 a.m.4 views

UBUNTU-CVE-2026-29168

Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's modmd via OCSP response data. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

7.3CVSS5.8AI score0.00628EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.14 views

PT-2026-37265

Name of the Vulnerable Software and Affected Versions rust-openssl versions 0.9.7 through 0.10.78 Description The X509Ref::ocsp responders function returns OCSP responder URLs from a certificate's AIA extension as OpensslString. The Deref implementation wraps raw bytes using str::from utf8...

8.7CVSS5.9AI score0.00211EPSS
Exploits0References27
OSV
OSV
added 2026/04/30 6:16 p.m.6 views

ALPINE-CVE-2026-3832

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol OCSP response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabl...

3.7CVSS5.8AI score0.0072EPSS
Exploits1References1
CVE
CVE
added 2026/04/30 5:41 p.m.36 views

CVE-2026-3832

CVE-2026-3832 affects the gnutls library. A logic error in processing multi-record OCSP responses during TLS handshakes can cause a client with OCSP verification enabled to incorrectly accept a revoked server certificate, potentially compromising trust. The available documents describe the vulner...

3.7CVSS5.4AI score0.0072EPSS
Exploits1References9Affected Software4
Snyk
Snyk
added 2026/04/30 5:29 p.m.5 views

Incorrect Behavior Order: Early Validation

Overview Affected versions of this package are vulnerable to Incorrect Behavior Order: Early Validation in the OCSP stapling process. An attacker can cause a client to accept a revoked server certificate by presenting a specially crafted multi-record OCSP response during a TLS handshake...

6.3CVSS5.8AI score0.0072EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/29 6:4 p.m.7 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in tomcat-embed-core-11.0.15.jar

Summary IBM Watson Discovery Cartridge affected by vulnerability in tomcat-embed-core-11.0.15.jar Vulnerability Details CVEID:CVE-2026-24734 DESCRIPTION: Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP responder, Tomcat Native and Tomcat's FFM po...

7.5CVSS6.4AI score0.00498EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/29 12:0 a.m.11 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.5.1.2)

The version of AOS installed on the remote host is prior to 7.5.1.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.5.1.2 advisory. - LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raste...

8.3CVSS6.7AI score0.96267EPSS
Exploits233References11
Hacker One
Hacker One
added 2026/04/25 12:18 a.m.27 views

curl: CVE-2026-7009: OCSP stapling bypass with Apple SecTrust

Summary When curl is built with --with-apple-sectrust or -DUSEAPPLESECTRUST=ON and OpenSSL, the --cert-status / CURLOPTSSLVERIFYSTATUS option is silently bypassed when Apple SecTrust handles certificate chain verification instead of OpenSSL. The user explicitly requests OCSP stapling enforcement,...

6.5CVSS5.5AI score0.01102EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2026/04/25 12:0 a.m.16 views

SUSE SLES15 Security Update : tomcat (SUSE-SU-2026:1604-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1604-1 advisory. Security fixes: - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open...

9.1CVSS5.6AI score0.15831EPSS
Exploits7References32
Rows per page
Query Builder