1381 matches found
WordPress Burst Statistics – Privacy-Friendly WordPress Analytics (Google Analytics Alternative) plugin 3.4.0-3.4.1.1 - 3.4.1.1 - Authentication Bypass to Admin Account Takeover vulnerability
Privacy-Friendly WordPress Analytics Google Analytics Alternative plugin 3.4.0-3.4.1.1 - 3.4.1.1 - Authentication Bypass to Admin Account Takeover vulnerability discovered by ? in WordPress Plugin Burst Statistics versions 3.4.0-3.4.1.1...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: golang (UTSA-2026-016811)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016811 advisory. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes...
CLSA-2026-1778261301 Update of alt-php
Miscellaneous upstream changes - xfrm: esp: avoid in-place decrypt on shared skb frags...
JLSEC-2026-409
An improper certificate validation vulnerability exists in curl v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS...
gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name
A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name SAN could cause the validation process to incorrectly fall back to checking the Common Name CN field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to...
gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs
A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier URI or Service SRV Subject Alternative Names SANs. This could cause the certificate validation process to incorrectly fall back to...
gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison
A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...
SUSE CVE-2026-3833
A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...
ALPINE-CVE-2026-3833
A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...
CVE-2026-3833
A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...
EUVD-2026-26403
A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...
CVE-2026-3833 Gnutls: gnutls: policy bypass due to case-sensitive nameconstraints comparison
A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...
CVE-2026-3833
A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of nameConstraints labels, specifically for dNSName DNS or rfc822Name email constraints within excludedSubtrees or permittedSubtrees. A remote attacker can exploit this by crafting a leaf...
Improper Certificate Validation
Overview Affected versions of this package are vulnerable to Improper Certificate Validation due to improper handling of Uniform Resource Identifier URI and Service SRV Subject Alternative Names SANs in the certificate validation process. An attacker can intercept sensitive information or...
Improper Validation of Specified Quantity in Input
Overview Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input due to improper handling of oversized Subject Alternative Name fields during certificate validation. An attacker can bypass certificate validation by crafting a certificate with an...
[SECURITY] Fedora 44 Update: tinyproxy-1.11.2-7.fc44
tinyproxy is a small, efficient HTTP/SSL proxy daemon that is very useful in a small network setting, where a larger proxy like Squid would either be too resource intensive, or a security risk...
CLSA-2026-1776965055 Fix CVE(s): CVE-2025-32988, CVE-2025-32990
SECURITY UPDATE: heap buffer overflow in certtool template parsing - debian/patches/CVE-2025-32990.patch: use callocMAXENTRIES + 1 instead of mallocMAXENTRIES in READMULTILINE and READMULTILINETOKENIZED macros in src/certtool-cfg.c. - CVE-2025-32990 SECURITY UPDATE: double free when exporting...
CVE-2026-31497
The CVE-2026-31497 entry concerns the Linux kernel Bluetooth USB (btusb) driver. The issue arises in btusb_work(), which maps the number of active SCO links to USB alternate settings using a three-entry table. It indexes alts[] with data->sco_num - 1 without constraining sco_num to the number ...
Exploit for CVE-2024-12029
Alternative-Approach-Reverse-Shell-Callback-Test-InvokeAI-RCE...
CLEANSTART-2026-QO20135 When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint
Multiple security vulnerabilities affect the minio-operator-fips package. When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. See references for individual...