Lucene search
K

43 matches found

AlpineLinux
AlpineLinux
added 2026/06/09 4:3 p.m.9 views

CVE-2026-34180

Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms. Impact summary: The heap buffer over-read may crash the application Denial of Service or to...

7.5CVSS5.8AI score0.00513EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in OpenLDAP

A flaw was discovered in ldapX509dn2bv in OpenLDAP before version 2.4.57, which led to a crash in slapd during X.509 DN parsing in adkeystring, resulting in a denial of service...

7.5CVSS6.9AI score0.043EPSS
Exploits0References1
Fedora
Fedora
added 2026/05/08 7:29 p.m.29 views

[SECURITY] Fedora 44 Update: gnutls-3.8.13-1.fc44

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, OpenPGP and...

5.8AI score
Exploits0
OSV
OSV
added 2026/04/27 5:25 p.m.8 views

CLSA-2026-1777310722 openldap: Fix of 15 CVEs

CVE-2019-13565: SASL session encryption SSF not reset on new connection, allowing downgrade - CVE-2020-12243: slapd crash via deeply nested LDAP search filter boolean expressions - CVE-2020-25692: NULL pointer dereference in slapd during modRDN request - CVE-2020-25709: slapd assertion failure...

7.5CVSS6.8AI score0.84224EPSS
Exploits1References1
OSV
OSV
added 2026/04/22 9:20 a.m.8 views

CLSA-2025-1758636652 openldap: Fix of 14 CVEs

Rebase to 2.4.58 to fix the following vulnerabilities: - CVE-2020-12243: fix denial of service caused by LDAP search filters with nested boolean expressions - CVE-2020-36221: fix integer underflow in the Certificate Exact Assertion processing - CVE-2020-36223: fix slapd crash in the Values Return...

7.5CVSS7.1AI score0.84224EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/03 12:56 p.m.7 views

CVE-2026-34610

A flaw was found in the leancrypto cryptographic library. A remote attacker can exploit an integer overflow vulnerability in the lcx509extractnamesegment function when processing the Common Name CN field of an X.509 certificate. By crafting a specially designed certificate, an attacker can cause...

5.9CVSS6AI score0.00162EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 9 : java-11-openjdk-11.0.17.0.8-2.el9 (AXSA:2022-4117:18)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4117:18 advisory. OpenJDK: improper MultiByte conversion can lead to buffer overflow JGSS, 8286077 CVE-2022-21618 OpenJDK: excessive memory allocation in X.509...

5.3CVSS7.6AI score0.02376EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 7 : java-11-openjdk-11.0.17.0.8-2.el7 (AXSA:2022-3906:14)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3906:14 advisory. OpenJDK: improper MultiByte conversion can lead to buffer overflow JGSS, 8286077 CVE-2022-21618 OpenJDK: excessive memory allocation in X.509...

5.3CVSS7.6AI score0.02376EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : dotnet6.0-6.0.132-1.el8_10.ML.1 (AXSA:2024-8570:14)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8570:14 advisory. dotnet: DoS when parsing X.509 Content and ObjectIdentifiers CVE-2024-38095 Tenable has extracted the preceding description block directly from the...

7.5CVSS5.5AI score0.02719EPSS
Exploits0References2
OSV
OSV
added 2026/01/09 2:6 p.m.5 views

OESA-2026-1043 gnutls security update

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, and other...

4CVSS6.7AI score0.00203EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/11 12:0 a.m.5 views

Amazon Linux 2023 : captree, libcap, libcap-devel (ALAS2023-2025-1279)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1279 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL...

7.5CVSS7.3AI score0.00626EPSS
Exploits0References22
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-11927

Malware in sbrugna...

8.1CVSS8AI score0.0339EPSS
Exploits2References7
SUSE Linux
SUSE Linux
added 2025/08/01 1:6 p.m.5 views

Security update for gnutls

This update for gnutls fixes the following issues: CVE-2025-6395: Fix NULL pointer dereference when 2nd Client Hello omits PSK bsc1246299 CVE-2025-32988: Fix double-free due to incorrect ownership handling in the export logic of SAN entries containing an otherName bsc1246232 CVE-2025-32989: Fix...

9.2CVSS7.1AI score0.01185EPSS
Exploits0References16
OSV
OSV
added 2025/07/10 8:15 a.m.13 views

AZL-65088 CVE-2025-32989 affecting package gnutls for versions less than 3.7.11-4

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

5.3CVSS6.8AI score0.01179EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/02/10 12:0 a.m.6 views

GNU Transport Layer Security Library 3.8.9

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS 12, OpenPGP, and other...

6.9AI score
Exploits0
OSV
OSV
added 2024/02/13 9:53 p.m.4 views

USN-6634-1 dotnet6, dotnet7, dotnet8 vulnerabilities

Brennan Conroy discovered that .NET with SignalR did not properly handle malicious clients. An attacker could possibly use this issue to cause a denial of service. CVE-2024-21386 Bahaa Naamneh discovered that .NET with OpenSSL support did not properly parse X509 certificates. An attacker could...

7.5CVSS7.1AI score0.02707EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:52 a.m.3 views

SUSE CVE-2017-2784

An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code of ARM mbed TLS before 1.3.19, 2.x before 2.1.7, and 2.4.x before 2.4.2. A specially crafted x509 certificate, when parsed by mbed TLS library, can cause an invalid free of a stack pointer leading to ...

8.1CVSS8.4AI score0.0339EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2023/01/12 8:36 a.m.4 views

OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerabili...

5.3CVSS7.2AI score0.01746EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/12/07 10:47 a.m.8 views

OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerabili...

5.3CVSS7.2AI score0.01746EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/10/20 10:26 a.m.5 views

OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerabili...

5.3CVSS7.2AI score0.01746EPSS
Exploits0References4
Rows per page
Query Builder