Lucene search
K

621 matches found

RedHat Linux
RedHat Linux
added 2026/05/20 3:59 a.m.17 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.8AI score0.00765EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.16 views

RHEL 9 : osbuild-composer (RHSA-2026:19475)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19475 advisory. A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building...

10CVSS7.1AI score0.00765EPSS
Exploits1References6
NVD
NVD
added 2026/05/19 6:16 p.m.19 views

CVE-2026-32134

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In versions 0.24.10 and below, when NanoMQ handles high-concurrency reconnect traffic using a reconnect-collision payload, the broker can crash due to a NULL pointer dereference during MQTT session resumption for cleanstart=0...

5.9CVSS0.00401EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/19 5:22 p.m.17 views

EUVD-2026-30965

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In versions 0.24.10 and below, when NanoMQ handles high-concurrency reconnect traffic using a reconnect-collision payload, the broker can crash due to a NULL pointer dereference during MQTT session resumption for cleanstart=0...

5.9CVSS5.7AI score0.00401EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/05/19 1:37 p.m.18 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.8AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/05/19 1:24 p.m.19 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.8AI score0.00765EPSS
Exploits1References8
OSV
OSV
added 2026/05/19 12:0 a.m.19 views

ALSA-2026:18913 Important: containernetworking-plugins security update

The Container Network Interface CNI project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated...

10CVSS7AI score0.01945EPSS
Exploits3References8
RedHat Linux
RedHat Linux
added 2026/05/14 7:28 p.m.12 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.8AI score0.00765EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.15 views

RHEL 10 : osbuild-composer (RHSA-2026:17686)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:17686 advisory. A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for...

10CVSS6.9AI score0.00765EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/05/13 3:39 p.m.9 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS7AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/05/13 1:20 p.m.12 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.8AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/05/13 1:56 a.m.8 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS7.1AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/05/11 10:53 p.m.13 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.8AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/05/07 6:15 p.m.18 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.8AI score0.00765EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/05/07 6:15 p.m.11 views

Important: Red Hat Security Advisory: buildah security update

An update for buildah is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

10CVSS6.9AI score0.01945EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.8 views

Unity Linux 20.1070a Security Update: osbuild-composer (UTSA-2026-016491)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016491 advisory. During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake...

10CVSS5.8AI score0.00765EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.11 views

AlmaLinux 10 : image-builder (ALSA-2026:3840)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:3840 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: net/url: Memory exhaustion in...

10CVSS7.3AI score0.01945EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.8 views

AlmaLinux 9 : image-builder (ALSA-2026:3839)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:3839 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: net/url: Memory exhaustion in...

10CVSS7AI score0.01945EPSS
Exploits3References5
RedHat Linux
RedHat Linux
added 2026/05/04 11:37 p.m.8 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.8AI score0.00765EPSS
Exploits1References8
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 6:40 p.m.10 views

Security Bulletin: Multiple vulnerabilities affect Data Virtualization on IBM Software Hub (April 2026 - Part 2 of 2)

Summary Multiple vulnerabilities have been addressed in Data Virtualization on IBM Software Hub. Note that Data Virtualization was named Watson Query on IBM Cloud Pak for Data version 4.8. Vulnerability Details CVEID:CVE-2025-68121 DESCRIPTION: During session resumption in crypto/tls, if the...

10CVSS6.8AI score0.00765EPSS
Exploits1Affected Software1
Rows per page
Query Builder