Lucene search
K

4 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/26 5:27 p.m.7 views

CVE-2026-47778

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a structural flaw was identified in DefaultCertValidator::verifySubjectAltName where the extracted DNS SAN string is cast to a C-style string using .cstr before bei...

4.4CVSS5.8AI score0.00212EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.11 views

PT-2026-44041

Name of the Vulnerable Software and Affected Versions Erlang OTP versions 19.3 through 26.2.5.20 Erlang OTP versions 26.2.5.21 through 27.3.4.11 Erlang OTP versions 27.3.4.12 through 28.5.0.0 Erlang OTP versions 28.5.0.1 through 29.0.0 public key versions 1.4 through 1.15.1.6 public key versions...

8.1CVSS5.8AI score0.00338EPSS
Exploits0References40
OSV
OSV
added 2026/05/18 10:6 a.m.9 views

SUSE-SU-2026:21752-1 Security update for gnutls

This update for gnutls fixes the following issues - CVE-2026-3832: cert-session: fix multi-entry OCSP revocation bypass bsc1263706. - CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive bsc1263707. - CVE-2026-5260: lib/pkcs11privkey: guard against overreading on short...

9.8CVSS5.8AI score0.01335EPSS
Exploits2References27
RedHat Linux
RedHat Linux
added 2026/05/06 5:58 p.m.8 views

Apache ZooKeeper: Apache ZooKeeper: Impersonation of servers or clients via reverse DNS spoofing

A flaw was found in Apache ZooKeeper. The ZKTrustManager component's hostname verification process can fall back to reverse DNS PTR lookup when IP Subject Alternative Name SAN validation fails. This vulnerability allows an attacker who can control or spoof PTR records to impersonate ZooKeeper...

7.4CVSS7.1AI score0.00633EPSS
Exploits0References5
Rows per page
Query Builder