271 matches found
gnutls: Vulnerability in GnuTLS otherName SAN export
A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name SAN entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1deletestructure on an ASN.1 node it do...
EUVD-2025-31363
Malicious code in bioql PyPI...
EUVD-2025-24231
Malicious code in bioql PyPI...
SUSE CVE-2025-59362
Squid through 7.1 mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asnbuildobjid in lib/snmplib/asn1.c...
ALPINE-CVE-2025-59362
Squid through 7.1 mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asnbuildobjid in lib/snmplib/asn1.c...
CVE-2025-59362
CVE-2025-59362 affects Squid up to version 7.1, due to mishandling of ASN.1 encoding of long SNMP OIDs in asn_build_objid (lib/snmplib/asn1.c). The issue is triggered by the ASN.1 encoding path and is described across multiple advisories/documentation in Connected documents. Impact according to t...
gnutls: Vulnerability in GnuTLS otherName SAN export
A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name SAN entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1deletestructure on an ASN.1 node it do...
gnutls: Vulnerability in GnuTLS otherName SAN export
A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name SAN entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1deletestructure on an ASN.1 node it do...
CVE-2025-48005
creationtimestamp| type| source ---|---|--- 2025-08-26 06:30:26+00:00| seen| https://infosec.place/objects/932cb874-108d-4ab8-a61b-e391dc9ab55e...
CVE-2025-9184
creationtimestamp| type| source ---|---|--- 2025-08-20 12:29:18+00:00| seen| https://t.me/truesecator/7347 2025-08-21 16:43:37+00:00| seen| https://poliverso.org/objects/0477a01e-e29b5790-dee7d8d408d4834a 2026-04-13 17:57:43+00:00| seen| Telegram/QSM9U3MpJV7mFfbmf8cUEPeceSXGKhNza4NVrhBUDTV1Q...
CVE-2025-8885
A resource exhaustion flaw has been discovered in the Bouncy Castle for Java library. The flaw exists because there was no practical limit on the size of an encoded ASN.1 Object Identifier OID, beyond the maximum size of an ASN1Object. While technically valid, this could be exploited by an attack...
Bouncy Castle for Java on All (API modules) allows Excessive Allocation
A resource allocation vulnerability exists in Bouncy Castle for Java by Legion of the Bouncy Castle Inc. that affects all API modules. The vulnerability allows attackers to cause excessive memory allocation through unbounded resource consumption, potentially leading to denial of service. The issu...
GHSA-67MF-3CR5-8W23 Bouncy Castle for Java on All (API modules) allows Excessive Allocation
A resource allocation vulnerability exists in Bouncy Castle for Java by Legion of the Bouncy Castle Inc. that affects all API modules. The vulnerability allows attackers to cause excessive memory allocation through unbounded resource consumption, potentially leading to denial of service. The issu...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ASN1ObjectIdentifier. An attacker can cause excessive resource consumption by submitting specially crafted ASN.1 Object Identifiers, potentially leading to service disruption...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ASN1ObjectIdentifier. An attacker can cause excessive resource consumption by submitting specially crafted ASN.1 Object Identifiers, potentially leading to service disruption...
Allocation of Resources Without Limits or Throttling
Overview org.bouncycastle:bcprov-jdk15to18 is a Java implementation of cryptographic algorithms. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ASN1ObjectIdentifier. An attacker can cause excessive resource consumption by submittin...
Allocation of Resources Without Limits or Throttling
Overview org.bouncycastle:bcprov-ext-jdk14 is a Java implementation of cryptographic algorithms. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ASN1ObjectIdentifier. An attacker can cause excessive resource consumption by submittin...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ASN1ObjectIdentifier. An attacker can cause excessive resource consumption by submitting specially crafted ASN.1 Object Identifiers, potentially leading to service disruption...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ASN1ObjectIdentifier. An attacker can cause excessive resource consumption by submitting specially crafted ASN.1 Object Identifiers, potentially leading to service disruption...
Allocation of Resources Without Limits or Throttling
Overview org.bouncycastle:bcprov-ext-jdk15on is a Java implementation of cryptographic algorithms. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ASN1ObjectIdentifier. An attacker can cause excessive resource consumption by...