CVE-2026-1677

Zephyr sockets created with IPPROTOTLS13 can still negotiate a TLS 1.2 connection when both TLS versions are enabled in Kconfig, because the socket-level protocol selection is not propagated to mbedTLS e.g. via mbedtlssslconfmintlsversion. The ClientHello advertises both versions and the peer can...

CVE-2024-56713

In the Linux kernel, the following vulnerability has been resolved: net: netdevsim: fix nsimppholdwrite nsimppholdwrite has two problems: 1 It may return with rtnl held, as found by syzbot. 2 Its return value does not propagate an error if any...

SUSE CVE-2019-14902

There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers...

UBUNTU-CVE-2020-12797

HashiCorp Consul and Consul Enterprise failed to enforce changes to legacy ACL token rules due to non-propagation to secondary data centers. Introduced in 1.4.0, fixed in 1.6.6 and 1.7.4...

EAP7 Privilege escalation when managing domain including earlier version slaves

The domain controller will not propagate its administrative RBAC configuration to some slaves. An attacker could use this to escalate their privileges...

EAP7 Privilege escalation when managing domain including earlier version slaves

The domain controller will not propagate its administrative RBAC configuration to some slaves. An attacker could use this to escalate their privileges...

MGASA-2017-0195 Updated golang packages fix security vulnerability

A carry propagation issue was found in the P-256 implementation for x86-64 in golang CVE-2017-8932...

EUVD-2015-8673

x8664/ecc-384-modp.asm in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-384 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors...