43 matches found
CVE-2026-34180
Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms. Impact summary: The heap buffer over-read may crash the application Denial of Service or to...
Astra Linux – Vulnerability in OpenLDAP
A flaw was discovered in ldapX509dn2bv in OpenLDAP before version 2.4.57, which led to a crash in slapd during X.509 DN parsing in adkeystring, resulting in a denial of service...
[SECURITY] Fedora 44 Update: gnutls-3.8.13-1.fc44
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, OpenPGP and...
CLSA-2026-1777310722 openldap: Fix of 15 CVEs
CVE-2019-13565: SASL session encryption SSF not reset on new connection, allowing downgrade - CVE-2020-12243: slapd crash via deeply nested LDAP search filter boolean expressions - CVE-2020-25692: NULL pointer dereference in slapd during modRDN request - CVE-2020-25709: slapd assertion failure...
CLSA-2025-1758636652 openldap: Fix of 14 CVEs
Rebase to 2.4.58 to fix the following vulnerabilities: - CVE-2020-12243: fix denial of service caused by LDAP search filters with nested boolean expressions - CVE-2020-36221: fix integer underflow in the Certificate Exact Assertion processing - CVE-2020-36223: fix slapd crash in the Values Return...
CVE-2026-34610
A flaw was found in the leancrypto cryptographic library. A remote attacker can exploit an integer overflow vulnerability in the lcx509extractnamesegment function when processing the Common Name CN field of an X.509 certificate. By crafting a specially designed certificate, an attacker can cause...
MiracleLinux 9 : java-11-openjdk-11.0.17.0.8-2.el9 (AXSA:2022-4117:18)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4117:18 advisory. OpenJDK: improper MultiByte conversion can lead to buffer overflow JGSS, 8286077 CVE-2022-21618 OpenJDK: excessive memory allocation in X.509...
MiracleLinux 7 : java-11-openjdk-11.0.17.0.8-2.el7 (AXSA:2022-3906:14)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3906:14 advisory. OpenJDK: improper MultiByte conversion can lead to buffer overflow JGSS, 8286077 CVE-2022-21618 OpenJDK: excessive memory allocation in X.509...
MiracleLinux 8 : dotnet6.0-6.0.132-1.el8_10.ML.1 (AXSA:2024-8570:14)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8570:14 advisory. dotnet: DoS when parsing X.509 Content and ObjectIdentifiers CVE-2024-38095 Tenable has extracted the preceding description block directly from the...
OESA-2026-1043 gnutls security update
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, and other...
Amazon Linux 2023 : captree, libcap, libcap-devel (ALAS2023-2025-1279)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1279 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL...
EUVD-2017-11927
Malware in sbrugna...
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2025-6395: Fix NULL pointer dereference when 2nd Client Hello omits PSK bsc1246299 CVE-2025-32988: Fix double-free due to incorrect ownership handling in the export logic of SAN entries containing an otherName bsc1246232 CVE-2025-32989: Fix...
AZL-65088 CVE-2025-32989 affecting package gnutls for versions less than 3.7.11-4
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...
GNU Transport Layer Security Library 3.8.9
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS 12, OpenPGP, and other...
USN-6634-1 dotnet6, dotnet7, dotnet8 vulnerabilities
Brennan Conroy discovered that .NET with SignalR did not properly handle malicious clients. An attacker could possibly use this issue to cause a denial of service. CVE-2024-21386 Bahaa Naamneh discovered that .NET with OpenSSL support did not properly parse X509 certificates. An attacker could...
SUSE CVE-2017-2784
An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code of ARM mbed TLS before 1.3.19, 2.x before 2.1.7, and 2.4.x before 2.4.2. A specially crafted x509 certificate, when parsed by mbed TLS library, can cause an invalid free of a stack pointer leading to ...
OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerabili...
OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerabili...
OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerabili...