[SECURITY] [DSA 6227-1] strongswan security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6227-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez April 22, 2026 https://www.debian.org/security/faq -...

X.509: Fix out-of-bounds access when parsing extensions

...

PT-2026-35580

USN-8196-1 fixed vulnerabilities in strongSwan. This update provides the corresponding update to Ubuntu 26.04 LTS. Original advisory details: Haruto Kimura discovered that strongSwan incorrectly handled the supported versions extension in TLS. A remote attacker could possibly use this issue to...

UBUNTU-CVE-2026-5448

X.509 date buffer overflow in wolfSSLX509notAfter / wolfSSLX509notBefore. A buffer overflow may occur when parsing date fields from a crafted X.509 certificate via the compatibility layer API. This is only triggered when calling these two APIs directly from an application, and does not affect TLS...

[SECURITY] Fedora 44 Update: rust-webpki-root-certs-1.0.6-1.fc44

Mozilla trusted certificate authorities in self-signed X.509 format for use with crates other than webpki...

CVE-2025-59464

A memory leak in Node.js’s OpenSSL integration occurs when converting X.509 certificate fields to UTF-8 without freeing the allocated buffer. When applications call socket.getPeerCertificatetrue, each certificate field leaks memory, allowing remote clients to trigger steady memory growth through...

CVE-2025-59464

A memory leak in Node.js’s OpenSSL integration occurs when converting X.509 certificate fields to UTF-8 without freeing the allocated buffer. When applications call socket.getPeerCertificatetrue, each certificate field leaks memory, allowing remote clients to trigger steady memory growth through...

MiracleLinux 9 : dotnet8.0-8.0.107-1.el9_4.ML.1 (AXSA:2024-8561:13)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8561:13 advisory. dotnet: DoS in System.Text.Json CVE-2024-30105 dotnet: DoS in ASP.NET Core 8 CVE-2024-35264 dotnet: DoS when parsing X.509 Content and...

Linux Distros Unpatched Vulnerability : CVE-2025-59464

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory leak in Node.js's OpenSSL integration occurs when converting X.509 certificate fields to UTF-8 without freeing the allocated buffer. When applications...

CVE-2009-4879

The Identity Server in Novell Access Manager before 3.1 SP1 allows attackers with disabled Active Directory accounts to authenticate using X.509 authentication, which bypasses intended access restrictions...

CVE-2009-4914

Memory leak on Cisco Adaptive Security Appliances ASA 5580 series devices with software before 8.12 allows remote attackers to cause a denial of service memory consumption via Subject Alternative Name fields in an X.509 certificate, aka Bug ID CSCsq17879...

CVE-2017-18911

An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. The X.509 certificate validation can be skipped for a TLS-based e-mail server...

CVE-2013-6682

The phone-proxy implementation in Cisco Adaptive Security Appliance ASA Software 9.0.3.6 and earlier does not properly validate X.509 certificates, which allows remote attackers to cause a denial of service connection-database corruption via an invalid entry, aka Bug ID CSCui33299...

EUVD-2014-5621

Malware in sbrugna...

EUVD-2014-5547

Malware in sbrugna...

EUVD-2014-5663

Malware in sbrugna...

EUVD-2014-6828

Malware in sbrugna...

EUVD-2018-18574

Malware in sbrugna...

EUVD-2016-7776

Malware in sbrugna...

EUVD-2018-1421

Malware in sbrugna...