2237 matches found

Chainguard
added 2 days ago | 4 views

CVE-2026-42295 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-fips, argo-workflows, kubeflow-pipelines-driver-fips, kubeflow-pipelines, argo-workflows-fips...

CVSS 8.5 | AI score 5.9 | EPSS 0.00357
Exploits: 1

Github Security Blog
added 3 days ago | 5 views

Rancher has Privilege Escalation from Project Owner to Host

Impact: A vulnerability has been identified in Rancher Manager that allows users assigned the Project Owner role to modify Pod Security Admission (PSA) labels on namespaces within their projects. Under the default role configuration, an attacker with the following access pattern can exploit this...

CVSS 9.4 | AI score 5.8 | EPSS 0.00319
Exploits: 0 | References: 5 | Affected Software: 1

CVE
added 5 days ago | 11 views

CVE-2026-13757

CVE-2026-13757 affects p11-kit. The RPC attribute parsing functions p11_rpc_message_get_attribute() and p11_rpc_message_get_attribute_array_value() can form a mutually-recursive call chain with no recursion depth limit when handling nested CKA_WRAP_TEMPLATE, CKA_UNWRAP_TEMPLATE, and CKA_DERIVE_TE...

CVSS 6.2 | AI score 5.8 | EPSS 0.0012
Exploits: 0 | References: 2

RedHat Linux
added 5 days ago | 5 views

gnutls: gnutls: Information disclosure via heap overread in RSA key exchange

A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure...

CVSS 8.2 | AI score 5.8 | EPSS 0.00727
Exploits: 0 | References: 5

RedHat Linux
added 5 days ago | 4 views

gnutls: gnutls: Information disclosure via heap overread in RSA key exchange

A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure...

CVSS 8.2 | AI score 5.8 | EPSS 0.00727
Exploits: 0 | References: 5

RedHat Linux
added 5 days ago | 5 views

gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling

A flaw was found in gnutls. An off-by-one error exists in the PKCS12 bag element bounds check. This vulnerability allows a remote attacker to write past the internal array of a PKCS12 bag when appending to a bag that already contains 32 elements. This memory corruption could lead to a denial of...

CVSS 5.3 | AI score 5.8 | EPSS 0.00727
Exploits: 0 | References: 5

Chainguard
added 2026/06/27 2:16 a.m. | 7 views

GHSA-W6C6-C85G-MMV6 vulnerabilities

Vulnerabilities for packages: ratify-fips, commercial-chainloop-backend, crossplane-fips, kyverno, aactl, trivy, kyverno-fips, kubescape-server, crossplane, chainctl-fips, cloudbeat, ko-fips, kubescape, trivy-operator-fips, trivy-fips, kyverno-notation-aws-fips, commercial-chainloop-cli,...

AI score 5.9
Exploits: 0

OSV
added 2026/06/25 10:18 p.m. | 2 views

GHSA-W879-237Q-WC7R golang.org/x/crypto/ssh: Invoking pathological RSA/DSA parameters may cause DoS

The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This could be triggered by unauthenticated clients during public...

CVSS 7.5 | AI score 5.8 | EPSS 0.004
Exploits: 0 | References: 13

OSV
added 2026/06/25 10:17 p.m. | 2 views

DEBIAN-CVE-2026-6329

PKCS12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS12 verify path compared the locally computed HMAC against the MAC parsed from the PKCS12 structure using a length taken directly fr...

CVSS 6.5 | AI score 5.8 | EPSS 0.0016
Exploits: 0 | References: 1

NVD
added 2026/06/25 9:16 p.m. | 11 views

CVE-2026-6681

The PKCS7 decode path ignores the caller-supplied output buffer size outputSz, allowing decoded content to be written past the bounds of the provided buffer. This affects wolfSSL 5.9.0 and earlier and was fixed in the 5.9.1 release...

CVSS 5.3 | EPSS 0.00256
Exploits: 0 | References: 2

Debian CVE
added 2026/06/25 9:02 p.m. | 4 views

CVE-2026-6329

PKCS12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS12 verify path compared the locally computed HMAC against the MAC parsed from the PKCS12 structure using a length taken directly fr...

CVSS 6.5 | AI score 5.8 | EPSS 0.0016
Exploits: 0

EUVD
added 2026/06/25 8:38 p.m. | 7 views

EUVD-2026-39560

Certificate policy and RFC 8446 compliance concerns regarding the continued acceptance of SHA-1/MD5 in certificate processing...

CVSS 2.3 | AI score 5.8 | EPSS 0.00074
Exploits: 0 | References: 2

Positive Technologies
added 2026/06/25 12:00 a.m. | 9 views

PT-2026-52602

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined (affected versions not specified). Description: PKCS12 MAC verification uses a comparison length controlled by an attacker, which weakens the integrity check on the Message Authentication Code (MAC) and allows a...

CVSS 6.5 | AI score 5.8 | EPSS 0.0016
Exploits: 0 | References: 9

AstraLinux
added 2026/06/19 11:10 a.m. | 6 views

Astra Linux – Vulnerability in OpenSSL

Issue summary: Processing a maliciously formatted PKCS12 file may cause OpenSSL to crash, leading to a potential Denial of Service attack. Impact summary: Applications that load files in PKCS12 format from untrusted sources may experience abrupt termination. A PKCS12 format file can contain...

CVSS 5.5 | AI score 6.6 | EPSS 0.03174
Exploits: 0 | References: 2

Positive Technologies
added 2026/06/15 12:00 a.m. | 18 views

PT-2026-49569

Name of the Vulnerable Software and Affected Versions: Python-Multipart versions prior to 0.0.30. Description: The parse options header function parsed Content-Disposition and Content-Type headers using email.message.Message, which applies RFC 2231/5987 decoding. This allows extended parameter synta...

CVSS 5.3 | AI score 5.8 | EPSS 0.00177
Exploits: 0 | References: 11

Fedora
added 2026/06/14 5:04 a.m. | 12 views

[SECURITY] Fedora 43 Update: weasyprint-69.0-1.fc43

WeasyPrint can render HTML and CSS to PDF. It aims to support web standards for printing...

AI score 5.3
Exploits: 0

Fedora
added 2026/06/13 1:13 a.m. | 11 views

[SECURITY] Fedora 44 Update: weasyprint-69.0-1.fc44

WeasyPrint can render HTML and CSS to PDF. It aims to support web standards for printing...

AI score 5.3
Exploits: 0

RedHat Linux
added 2026/06/11 1:24 p.m. | 9 views

openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys

A flaw was found in OpenSSL. This vulnerability allows a remote attacker to forge PKCS12 (Public-Key Cryptography Standards 12) files that use Password-Based Message Authentication Code 1 (PBMAC1) with short HMAC (Hash-based Message Authentication Code) keys. This can lead to a service accepting...

CVSS 7.4 | AI score 5.5 | EPSS 0.00196
Exploits: 0 | References: 4

Chainguard
added 2026/06/11 1:48 a.m. | 7 views

GHSA-P92Q-9VQR-4J8V vulnerabilities

Vulnerabilities for packages: gitlab-rails-ce-fips, wazuh-dashboard, nextcloud-server, opensearch-dashboards-fips, wazuh-dashboard-fips, awx, opensearch-dashboards, gitlab-rails-ce...

AI score 5.9
Exploits: 0

Chainguard
added 2026/06/11 1:48 a.m. | 8 views

CVE-2026-44487 vulnerabilities

Vulnerabilities for packages: gitlab-rails-ce-fips, wazuh-dashboard, nextcloud-server, opensearch-dashboards-fips, wazuh-dashboard-fips, awx, opensearch-dashboards, gitlab-rails-ce...

CVSS 8.2 | AI score 5.9 | EPSS 0.00689
Exploits: 1