Lucene search
+L

626 matches found

Cvelist
Cvelist
added 2026/04/01 12:0 a.m.33 views

CVE-2026-34873

An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session...

0.00241EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.8 views

PT-2026-29611

An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session...

9.1CVSS5.9AI score0.00426EPSS
Exploits0References14
OSV
OSV
added 2026/04/01 12:0 a.m.1 views

CVE-2026-34873

An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session...

9.1CVSS6AI score0.00241EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.10 views

RHEL 9 : OpenShift Container Platform 4.19.27 (RHSA-2026:5876)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5876 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

10CVSS6.8AI score0.00765EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.8 views

TencentOS Server 3: osbuild-composer (TSSA-2026:0204)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0204 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

10CVSS6.9AI score0.01945EPSS
Exploits1References3
Snyk
Snyk
added 2026/04/01 12:0 a.m.6 views

Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')

Overview Affected versions of this package are vulnerable to Selection of Less-Secure Algorithm During Negotiation 'Algorithm Downgrade' in the TLS 1.3 session resumption logic if the subsequent ClientHello negotiates TLS 1.2 back. An attacker can gain unauthorized access by impersonating a...

9.1CVSS5.8AI score0.00241EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/03/31 4:23 p.m.15 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.5AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/03/31 4:23 p.m.12 views

Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update

An update is now available for Red Hat Ansible Automation Platform 2.5 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

10CVSS6.8AI score0.01945EPSS
Exploits2References6
RedHat Linux
RedHat Linux
added 2026/03/31 4:12 p.m.11 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.5AI score0.00765EPSS
Exploits1References8
OSV
OSV
added 2026/03/27 12:7 p.m.5 views

RLSA-2026:5146 Important: yggdrasil security update

yggdrasil is a system daemon that subscribes to topics on an MQTT broker and routes any data received on the topics to an appropriate child "worker" process, exchanging data with its worker processes through a D-Bus message broker. Security Fixes: crypto/x509: golang: Denial of Service due to...

7.5CVSS7.2AI score0.01945EPSS
Exploits3References4
Rockylinux
Rockylinux
added 2026/03/27 12:7 p.m.12 views

yggdrasil security update

An update is available for yggdrasil. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list yggdrasil is a system daemon that subscribes to topics on an MQTT broker a...

10CVSS6AI score0.01945EPSS
Exploits3
RedHat Linux
RedHat Linux
added 2026/03/26 8:30 p.m.13 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.5AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/03/26 8:28 p.m.22 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.5AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/03/26 7:47 p.m.6 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.5AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/03/26 7:47 p.m.13 views

Important: Red Hat Security Advisory: Satellite 6.18.4 Async Update

A new release is now available for Red Hat Satellite 6.18 for RHEL 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

10CVSS6.7AI score0.01945EPSS
Exploits3References16
RedHat Linux
RedHat Linux
added 2026/03/26 3:3 p.m.12 views

Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.2.3

Red Hat OpenShift Service Mesh 3.2.3 This update has a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Red Hat OpenShift Service Mesh 3.2....

10CVSS7.3AI score0.01945EPSS
Exploits2References14
RedHat Linux
RedHat Linux
added 2026/03/26 2:31 p.m.17 views

Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.0.9

Red Hat OpenShift Service Mesh 3.0.9 This update has a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Red Hat OpenShift Service Mesh 3.0....

10CVSS7.3AI score0.01945EPSS
Exploits2References14
Tenable Nessus
Tenable Nessus
added 2026/03/24 12:0 a.m.7 views

Alibaba Cloud Linux 3 : 0060: container-tools (ALINUX3-SA-2026:0060)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0060 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-61726: The net/url package does n...

10CVSS7.3AI score0.01945EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2026/03/20 12:0 a.m.16 views

AlmaLinux 10 : yggdrasil (ALSA-2026:5146)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:5146 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: net/url: Memory exhaustion in...

10CVSS5.9AI score0.01945EPSS
Exploits3References5
RedHat Linux
RedHat Linux
added 2026/03/19 11:49 p.m.21 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.5AI score0.00765EPSS
Exploits1References8
Rows per page
Query Builder