Lucene search
K

268 matches found

OSV
OSV
added 2026/06/24 12:0 a.m.5 views

ALSA-2026:29455 Important: buildah security update

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...

9.1CVSS7.2AI score0.00728EPSS
Exploits0References14
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Bouncycastle

The Bouncy Castle For Java version prior to 1.74 is affected by an LDAP injection vulnerability. This vulnerability only affects applications that use the LDAP CertStore provided by Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the...

5.3CVSS6.8AI score0.00772EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/17 12:5 p.m.5 views

kernel: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id

In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetrickeys - prevent overflow in asymmetrickeygenerateid Use checkaddoverflow to guard against potential integer overflows when adding the binary blob lengths and the size of an asymmetrickeyid structure and return...

5.8AI score0.00154EPSS
Exploits0References5
Fedora
Fedora
added 2026/05/29 1:13 a.m.12 views

[SECURITY] Fedora 44 Update: openbao-2.5.4-1.fc44

Openbao secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Openbao handles leasing, key revocation, key rolling, and auditing. Through a unified API, us ers can access an encrypted Key/Value store and network...

5.8AI score0.00083EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.10 views

StrongSwan security vulnerabilities

strongSwan is an open-source VPN solution based on IPsec, developed by Andreas Steffen of Switzerland. This solution includes X.509 public key certificates, secure storage of private keys, and authentication mechanisms such as smart cards. strongSwan has a security vulnerability, which stems from...

6.1AI score
Exploits3References1
RedHat Linux
RedHat Linux
added 2026/05/28 2:41 a.m.9 views

kernel: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id

In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetrickeys - prevent overflow in asymmetrickeygenerateid Use checkaddoverflow to guard against potential integer overflows when adding the binary blob lengths and the size of an asymmetrickeyid structure and return...

6.1AI score0.00154EPSS
Exploits0References5
Fedora
Fedora
added 2026/05/23 4:1 p.m.13 views

[SECURITY] Fedora 42 Update: nss-3.123.1-1.fc42

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

5.8AI score
Exploits0
Fedora
Fedora
added 2026/05/21 1:28 a.m.15 views

[SECURITY] Fedora 43 Update: nss-3.123.1-1.fc43

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

5.8AI score
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Bouncycastle

Bouncy Castle for Java before version 1.73 contains a potential Denial of Service DoS issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM-encoded streams containing X.509 certificates, PKCS8-encoded keys, and PKCS7 objects. Parsing a file that...

5.5CVSS6.2AI score0.00932EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetrickeys – prevented overflow in asymmetrickeygenerateid. Use checkaddoverflow to prevent potential integer overflows when adding the lengths of binary blobs and the size of an asymmetrickeyid structure. Return...

6AI score0.00154EPSS
Exploits0References2
AlmaLinux
AlmaLinux
added 2026/05/19 12:0 a.m.20 views

Important: opentelemetry-collector security update

Collector with the supported components for a AlmaLinux build of OpenTelemetry Security Fixes: net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path...

9.1CVSS6.9AI score0.01557EPSS
Exploits1References18
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.69 views

Oracle Linux 9 : kernel (ELSA-2026-16206)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-16206 advisory. 5.14.0-611.55.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux...

8.8CVSS6.1AI score0.93235EPSS
Exploits31References2
Debian CVE
Debian CVE
added 2026/05/12 5:22 p.m.14 views

CVE-2026-44167

phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files eg. X509 certificates, RSA PKCS8 private or public keys, etc. This is a bypass of CVE-2024-27355. This vulnerability is fixed in 1.0.29, 2.0.54, and 3.0.52...

7.5CVSS5.8AI score0.00201EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/12 5:22 p.m.48 views

CVE-2026-44167 phpseclib: CVE-2024-27355 mitigation bypass — OID amplification DoS in ASN1::decodeOID()

phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files eg. X509 certificates, RSA PKCS8 private or public keys, etc. This is a bypass of CVE-2024-27355. This vulnerability is fixed in 1.0.29, 2.0.54, and 3.0.52...

7.5CVSS0.00201EPSS
Exploits0References2
Fedora
Fedora
added 2026/05/12 1:11 a.m.12 views

[SECURITY] Fedora 42 Update: nss-3.122.2-1.fc42

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

5.8AI score
Exploits0
Fedora
Fedora
added 2026/05/12 12:49 a.m.16 views

[SECURITY] Fedora 44 Update: nss-3.122.2-1.fc44

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

5.8AI score
Exploits0
Github Security Blog
Github Security Blog
added 2026/05/08 6:24 p.m.19 views

phpseclib guardrails needed on OID length

Impact Any application using that loads untrusted ASN1 files eg. X509 certificates, RSA PKCS8 private or public keys, etc. Patches https://github.com/phpseclib/phpseclib/commit/e32531001b4d62c66c3d824ccef54ffad835eb59 Workarounds No. Resources...

7.5CVSS7.1AI score0.00569EPSS
Exploits0References9Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/05 9:17 p.m.18 views

phpseclib has a CVE-2024-27355 mitigation bypass — OID amplification DoS in ASN1::decodeOID()

Impact Anyone loading untrusted ASN1 files eg. X509 certificates, RSA PKCS8 private or public keys, etc Patches https://github.com/phpseclib/phpseclib/commit/d53d2021bcb9f6a04d5d44ec99e6bbef219a71bc Workarounds No. References...

7.5CVSS7.1AI score0.00569EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2026/05/05 5:58 a.m.6 views

kernel: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id

In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetrickeys - prevent overflow in asymmetrickeygenerateid Use checkaddoverflow to guard against potential integer overflows when adding the binary blob lengths and the size of an asymmetrickeyid structure and return...

6.1AI score0.00154EPSS
Exploits0References5
Fedora
Fedora
added 2026/05/03 1:18 a.m.10 views

[SECURITY] Fedora 43 Update: nss-3.122.1-1.fc43

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

5.8AI score
Exploits0
Rows per page
Query Builder