Astra Linux – Vulnerability in mbedtls

A vulnerability was discovered in Mbed TLS before versions 2.28.2 and 3.x, prior to 3.3.0. An adversary with access to sufficiently precise information about memory accesses typically, an untrusted operating system attacking a secure environment can retrieve an RSA private key by observing the...

PT-2026-44129

Name of the Vulnerable Software and Affected Versions Deno versions 2.0.0 through 2.7.7 Description A flaw in the Node.js tls compatibility layer can cause a TLS client to transmit application data in plaintext after a connection retry. This occurs when the autoSelectFamily variable is enabled an...

RHEL 10 : osbuild-composer (RHSA-2026:17686)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:17686 advisory. A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for...

Astra Linux – Vulnerability in mbedtls

A issue was discovered in Mbed TLS before version 2.25.0 and before versions 2.16.9 LTS and 2.7.18 LTS. A NULL algorithm parameter entry resembles an array of REAL values with a size of zero; therefore, the certificate is considered valid. However, if the parameters do not match at all, then the...

RHEL 9 : buildah (RHSA-2026:12030)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:12030 advisory. The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a...

CVE-2026-20006

A vulnerability in the TLS cryptography functionality of the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to unexpectedly restart, resulting in a denial of service DoS condition...

MiracleLinux 7 : rh-nodejs12-nodejs-nodemon-2.0.3-1.el7, rh-nodejs12-nodejs-12.20.1-1.el7 (AXSA:2021-1451:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1451:01 advisory. nodejs-mixin-deep: prototype pollution in function mixin-deep CVE-2019-10746 nodejs-set-value: prototype pollution in function set-value...

MiracleLinux 9 : runc-1.1.9-1.el9 (AXSA:2023-6674:03)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6674:03 advisory. golang: crypto/tls: large handshake records may cause panics CVE-2022-41724 runc: Rootless runc makes /sys/fs/cgroup writable CVE-2023-25809 runc:...

IBM AIX和IBM VIOS 安全漏洞

IBM AIX and IBM VIOS are both products of the International Business Machines IBM Corporation.IBM AIX is an open standards-based UNIX operating system developed for the IBM Power architecture.IBM VIOS is part of the PowerVm® Editions hardware feature set.IBM AIX is an open standards-based UNIX...

Security Bulletin: Multiple vulnerabilities in IBM MQ Operator and Queue manager container images

Summary Multiple vulnerabilities were addressed in IBM MQ Operator and Queue manager container images Vulnerability Details CVEID:CVE-2025-32988 DESCRIPTION: A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject...

EUVD-2019-8896

Malware in sbrugna...

EUVD-2020-12758

Malware in sbrugna...

EUVD-2017-14735

Malware in sbrugna...

EUVD-2020-18313

Malware in sbrugna...

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays.

...

USN-7018-1: OpenSSL vulnerabilities

Robert Merget, Marcus Brinkmann, Nimrod Aviram, and Juraj Somorovsky discovered that certain Diffie-Hellman ciphersuites in the TLS specification and implemented by OpenSSL contained a flaw. A remote attacker could possibly use this issue to eavesdrop on encrypted communications. This was fixed i...

DEBIAN-CVE-2024-45157

An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected algorithm is not used. Unlike previously documented, enabling MBEDTLSPSAHMACDRBGMDTYPE does not cause the PSA subsystem to use HMACDRBG: it uses HMACDRBG only when MBEDTLSPSACRYPTOEXTERNALRNG and...

AZL-47703 CVE-2024-28960 affecting package hvloader for versions less than 1.0.1-6

An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory...

kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination

An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system...

OpenJDK: improper connection handling during TLS handshake (8294474)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...