Lucene search
K

15 matches found

Cvelist
Cvelist
added 2026/04/09 6:0 p.m.23 views

CVE-2026-1584 Gnutls: gnutls: remote denial of service via crafted clienthello with invalid psk binder

A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key PSK binder value during the TLS handshake. This can lead to a NULL pointer dereference, causing the server to crash and...

7.5CVSS0.01382EPSS
Exploits0References3
CERT
CERT
added 2026/03/05 12:0 a.m.8 views

A flawed TLS handshake implementation affects Viber Proxy in multiple platforms

Overview The Rakuten Viber messaging app for Android V25.7.2.0g and Windows V25.6.0.0-V25.8.1.0, has a flaw in its TLS handshake implementation when using the Cloak proxy configuration. This flaw allows for easy identification of proxy usage, potentially compromising user anonymity. Description...

9.8CVSS5.9AI score0.00345EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/01 12:0 a.m.6 views

Amazon Linux 2 : runfinch-finch, --advisory ALAS2DOCKER-2026-097 (ALASDOCKER-2026-097)

The version of runfinch-finch installed on the remote host is prior to 1.14.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-097 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing...

10CVSS6AI score0.01945EPSS
Exploits3References12
RedhatCVE
RedhatCVE
added 2026/02/09 2:51 p.m.7 views

CVE-2026-1584

A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key PSK binder value during the TLS handshake. This can lead to a NULL pointer dereference, causing the server to crash and...

7.5CVSS5.2AI score0.01382EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/19 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-13086

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper validation of source IP addresses in OpenVPN version 2.6.0 through 2.6.15 and 2.7alpha1 through 2.7rc1 allows an attacker to open a session from a...

8.2CVSS7.8AI score0.00621EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2015-5833

Malware in sbrugna...

10CVSS5AI score0.02461EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-17282

Malware in sbrugna...

7.5CVSS7.6AI score0.01782EPSS
Exploits0References3
OSV
OSV
added 2025/08/19 11:32 a.m.11 views

CLSA-2025-1755603149 Fix of 5 CVEs

OpenJDK 8u462 release - CVE-2025-30749: Java 2D heap corruption, code execution/DoS - CVE-2025-30754: JSSE TLS handshake flaw, weakened encryption - CVE-2025-30761: nashorn sandbox bypass, code execution - CVE-2025-50059: HTTP client header bug, data leak - CVE-2025-50106: Glyph rendering memory...

8.6CVSS7.2AI score0.01058EPSS
Exploits1References1
OSV
OSV
added 2025/08/13 7:22 p.m.14 views

CLSA-2025-1755112965 Fix of 5 CVEs

OpenJDK 8u462 release - CVE-2025-30749: Java 2D heap corruption, code execution/DoS - CVE-2025-30754: JSSE TLS handshake flaw, weakened encryption - CVE-2025-30761: nashorn sandbox bypass, code execution - CVE-2025-50059: HTTP client header bug, data leak - CVE-2025-50106: Glyph rendering memory...

8.6CVSS6.8AI score0.01058EPSS
Exploits1References1
OSV
OSV
added 2025/07/24 1:21 a.m.3 views

USN-7667-1 openjdk-8 vulnerabilities

It was discovered that the 2D component of OpenJDK 8 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 Mashroor Hasan Bhuiyan discovered that the JSSE compone...

8.1CVSS6.9AI score0.01058EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2023/04/25 3:24 a.m.5 views

OpenJDK: improper connection handling during TLS handshake (8294474)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...

7.4CVSS7.2AI score0.01295EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/04/20 12:52 a.m.6 views

OpenJDK: improper connection handling during TLS handshake (8294474)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...

7.4CVSS7.2AI score0.01295EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.8 views

SUSE CVE-2021-29504

WP-CLI is the command-line interface for WordPress. An improper error handling in HTTPS requests management in WP-CLI version 0.12.0 and later allows remote attackers able to intercept the communication to remotely disable the certificate verification on WP-CLI side, gaining full control over the...

7.4CVSS7.8AI score0.01312EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2022/03/21 7:28 a.m.3 views

OpenJDK: Non-constant comparison during TLS handshakes (JSSE, 8269618)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated...

4.3CVSS7.4AI score0.04104EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/10/20 1:21 p.m.9 views

OpenJDK: Unexpected exception raised during TLS handshake (JSSE, 8267729)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacker...

5.3CVSS6.8AI score0.06218EPSS
Exploits0References4
Rows per page
Query Builder