Lucene search
K

271 matches found

RedHat Linux
RedHat Linux
added 2025/10/06 2:41 a.m.9 views

gnutls: Vulnerability in GnuTLS otherName SAN export

A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name SAN entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1deletestructure on an ASN.1 node it do...

8.2CVSS7AI score0.01185EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-31363

Malicious code in bioql PyPI...

4CVSS6.3AI score0.00362EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-24231

Malicious code in bioql PyPI...

6.3CVSS6.2AI score0.00505EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/09/29 11:23 p.m.6 views

SUSE CVE-2025-59362

Squid through 7.1 mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asnbuildobjid in lib/snmplib/asn1.c...

7.5CVSS7AI score0.00362EPSS
Exploits1References8
OSV
OSV
added 2025/09/26 4:15 p.m.5 views

ALPINE-CVE-2025-59362

Squid through 7.1 mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asnbuildobjid in lib/snmplib/asn1.c...

4CVSS6.8AI score0.00362EPSS
Exploits1References1
CVE
CVE
added 2025/09/26 12:0 a.m.74 views

CVE-2025-59362

CVE-2025-59362 affects Squid up to version 7.1, due to mishandling of ASN.1 encoding of long SNMP OIDs in asn_build_objid (lib/snmplib/asn1.c). The issue is triggered by the ASN.1 encoding path and is described across multiple advisories/documentation in Connected documents. Impact according to t...

4CVSS6.5AI score0.00362EPSS
Exploits1References2Affected Software1
RedHat Linux
RedHat Linux
added 2025/09/17 6:17 p.m.7 views

gnutls: Vulnerability in GnuTLS otherName SAN export

A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name SAN entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1deletestructure on an ASN.1 node it do...

8.2CVSS7AI score0.01185EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/09/17 5:13 p.m.5 views

gnutls: Vulnerability in GnuTLS otherName SAN export

A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name SAN entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1deletestructure on an ASN.1 node it do...

8.2CVSS7AI score0.01185EPSS
Exploits0References5
Circl
Circl
added 2025/08/26 6:30 a.m.15 views

CVE-2025-48005

creationtimestamp| type| source ---|---|--- 2025-08-26 06:30:26+00:00| seen| https://infosec.place/objects/932cb874-108d-4ab8-a61b-e391dc9ab55e...

9.8CVSS4.8AI score0.00689EPSS
Exploits1References1
Circl
Circl
added 2025/08/20 12:29 p.m.8 views

CVE-2025-9184

creationtimestamp| type| source ---|---|--- 2025-08-20 12:29:18+00:00| seen| https://t.me/truesecator/7347 2025-08-21 16:43:37+00:00| seen| https://poliverso.org/objects/0477a01e-e29b5790-dee7d8d408d4834a 2026-04-13 17:57:43+00:00| seen| Telegram/QSM9U3MpJV7mFfbmf8cUEPeceSXGKhNza4NVrhBUDTV1Q...

8.1CVSS7.4AI score0.00343EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/12 7:42 p.m.3 views

CVE-2025-8885

A resource exhaustion flaw has been discovered in the Bouncy Castle for Java library. The flaw exists because there was no practical limit on the size of an encoded ASN.1 Object Identifier OID, beyond the maximum size of an ASN1Object. While technically valid, this could be exploited by an attack...

6.3CVSS7.1AI score0.00505EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/08/12 12:30 p.m.13 views

Bouncy Castle for Java on All (API modules) allows Excessive Allocation

A resource allocation vulnerability exists in Bouncy Castle for Java by Legion of the Bouncy Castle Inc. that affects all API modules. The vulnerability allows attackers to cause excessive memory allocation through unbounded resource consumption, potentially leading to denial of service. The issu...

6.3CVSS6.9AI score0.00505EPSS
Exploits0References5Affected Software7
OSV
OSV
added 2025/08/12 12:30 p.m.2 views

GHSA-67MF-3CR5-8W23 Bouncy Castle for Java on All (API modules) allows Excessive Allocation

A resource allocation vulnerability exists in Bouncy Castle for Java by Legion of the Bouncy Castle Inc. that affects all API modules. The vulnerability allows attackers to cause excessive memory allocation through unbounded resource consumption, potentially leading to denial of service. The issu...

6.3CVSS5.9AI score0.00505EPSS
Exploits0References5
Snyk
Snyk
added 2025/08/12 9:40 a.m.11 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ASN1ObjectIdentifier. An attacker can cause excessive resource consumption by submitting specially crafted ASN.1 Object Identifiers, potentially leading to service disruption...

6.3CVSS7AI score0.00505EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/12 9:40 a.m.12 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ASN1ObjectIdentifier. An attacker can cause excessive resource consumption by submitting specially crafted ASN.1 Object Identifiers, potentially leading to service disruption...

6.3CVSS7AI score0.00505EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/12 9:40 a.m.8 views

Allocation of Resources Without Limits or Throttling

Overview org.bouncycastle:bcprov-jdk15to18 is a Java implementation of cryptographic algorithms. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ASN1ObjectIdentifier. An attacker can cause excessive resource consumption by submittin...

6.3CVSS6.9AI score0.00505EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/12 9:40 a.m.1 views

Allocation of Resources Without Limits or Throttling

Overview org.bouncycastle:bcprov-ext-jdk14 is a Java implementation of cryptographic algorithms. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ASN1ObjectIdentifier. An attacker can cause excessive resource consumption by submittin...

6.3CVSS6.9AI score0.00505EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/12 9:40 a.m.8 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ASN1ObjectIdentifier. An attacker can cause excessive resource consumption by submitting specially crafted ASN.1 Object Identifiers, potentially leading to service disruption...

6.3CVSS7AI score0.00505EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/12 9:40 a.m.11 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ASN1ObjectIdentifier. An attacker can cause excessive resource consumption by submitting specially crafted ASN.1 Object Identifiers, potentially leading to service disruption...

6.3CVSS6.9AI score0.00505EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/12 9:40 a.m.8 views

Allocation of Resources Without Limits or Throttling

Overview org.bouncycastle:bcprov-ext-jdk15on is a Java implementation of cryptographic algorithms. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ASN1ObjectIdentifier. An attacker can cause excessive resource consumption by...

6.3CVSS6.9AI score0.00505EPSS
Exploits0References2
Rows per page
Query Builder