CVE-2026-4649

Summary: CVE-2026-4649 describes an authentication bypass in Apache Artemis prior to 2.52.0, enabling reading all messages and injecting new messages. KNIME Business Hub uses Artemis, so it is affected, though Artemis is not exposed publicly; an attacker would need at least normal user privileges...

CVE-2026-32642

Incorrect Authorization CWE-863 vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists when an application using the OpenWire protocol attempts to create a non-durable JMS topic subscription on an address that doesn't exist with an authenticated user which has the "createDurableQueue"...

CVE-2026-33308

Modgnutls is a TLS module for Apache HTTPD based on GnuTLS. Prior to version 0.13.0, code for client certificate verification did not check the key purpose as set in the Extended Key Usage extension. An attacker with access to the private key for a valid certificate issued by a CA trusted for TLS...

UBUNTU-CVE-2026-33308

Modgnutls is a TLS module for Apache HTTPD based on GnuTLS. Prior to version 0.13.0, code for client certificate verification did not check the key purpose as set in the Extended Key Usage extension. An attacker with access to the private key for a valid certificate issued by a CA trusted for TLS...

CVE-2026-33307

Modgnutls is a TLS module for Apache HTTPD based on GnuTLS. In versions prior to 0.12.3 and 0.13.0, code for client certificate verification imported the certificate chain sent by the client into a fixed size gnutlsx509crtt x509 array without checking the number of certificates is less than or...

UBUNTU-CVE-2026-33307

Modgnutls is a TLS module for Apache HTTPD based on GnuTLS. In versions prior to 0.12.3 and 0.13.0, code for client certificate verification imported the certificate chain sent by the client into a fixed size gnutlsx509crtt x509 array without checking the number of certificates is less than or...

CVE-2026-33307

Mod_gnutls (Apache HTTPD TLS module) is affected by CVE-2026-33307 in versions prior to 0.12.3 and 0.13.0. The vulnerability arises from importing the client certificate chain into a fixed-size gnutls_x509_crt_t x509[] array without validating the number of certificates against the array length, ...

CVE-2026-33307 mod_gnutils has stack-based buffer overflow caused by a long client certificate chain

Modgnutls is a TLS module for Apache HTTPD based on GnuTLS. In versions prior to 0.12.3 and 0.13.0, code for client certificate verification imported the certificate chain sent by the client into a fixed size gnutlsx509crtt x509 array without checking the number of certificates is less than or...

[SECURITY] Fedora 42 Update: python-diskcache-5.6.3-12.fc42

DiskCache is an Apache2 licensed disk and file backed cache library, written in pure-Python, and compatible with Django...

[SECURITY] Fedora 43 Update: python-diskcache-5.6.3-12.fc43

DiskCache is an Apache2 licensed disk and file backed cache library, written in pure-Python, and compatible with Django...

PT-2026-27354

Apache Artemis before version 2.52.0 is affected by an authentication bypass flaw which allows reading all messages exchanged via the broker and injection of new message CVE-2026-27446 https://www.cve.org/CVERecord . Since KNIME Business Hub uses Apache Artemis it is also affected by the issue...

PT-2026-27302

Name of the Vulnerable Software and Affected Versions Mod gnutls versions prior to 0.12.3 Mod gnutls versions prior to 0.13.0 Description Mod gnutls is a TLS module for Apache HTTPD based on GnuTLS. The software contains an issue where code for client certificate verification imports the...

PT-2026-27303

Name of the Vulnerable Software and Affected Versions Mod gnutls versions prior to 0.13.0 Description Mod gnutls, a TLS module for Apache HTTPD based on GnuTLS, had an issue where the code for client certificate verification did not validate the key purpose as defined in the Extended Key Usage...

mod_gnutls 安全漏洞

modgnutls is a TLS module for Apache HTTPD based on GnuTLS. Versions of modgnutls prior to 0.12.3 and 0.13.0 have security vulnerabilities. These vulnerabilities stem from the fact that client certificate verification does not check the length of the certificate chain, which may lead to...

Apache Artemis 安全漏洞

Apache Artemis is a messaging broker software developed by the Apache Foundation. Versions of Apache Artemis such as 2.52.0 and earlier, as well as Apache ActiveMQ Artemis versions like 2.44.0 and earlier, have security vulnerabilities. These vulnerabilities stem from improper authorization, whic...

About the security content of macOS Sequoia 15.7.5

About the security content of macOS Sequoia 15.7.5 This document describes the security content of macOS Sequoia 15.7.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

macOS 26.x < 26.4 Multiple Vulnerabilities (126794)

The remote host is running a version of macOS / Mac OS X that is 26.x prior to 26.4. It is, therefore, affected by multiple vulnerabilities: - A logic issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.4. A user may be able to elevate privileges. CVE-2026-20631 - When...

macOS 14.x < 14.8.5 Multiple Vulnerabilities (126796)

The remote host is running a version of macOS / Mac OS X that is 14.x prior to 14.8.5. It is, therefore, affected by multiple vulnerabilities: - A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. A...

About the security content of macOS Sonoma 14.8.5

About the security content of macOS Sonoma 14.8.5 This document describes the security content of macOS Sonoma 14.8.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or release...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.0.1.15)

The version of AOS installed on the remote host is prior to 7.0.1.15. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.0.1.15 advisory. - urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTT...