36 matches found
CVE-2026-37229
CVE-2026-37229 affects FlexRIC v2.0.0. A reachable assertion in e2ap_create_pdu() is triggered when ASN.1 PER decoding fails, allowing a remote unauthenticated attacker to send a non-PER byte sequence (e.g., 0x00) over SCTP to the near-RT RIC at port 36421 or iApp at port 36422 to crash the proce...
CVE-2026-44905
Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the cryptographic verification pipeline of Vanetza. When processing incoming V2X messages, the ASN.1 decoder accepts the structure as syntactically...
MGASA-2026-0094 Updated squid packages fix security vulnerabilities
Squid mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asn_build_objid in lib/snmplib/asn1.c (CVE-2025-59362). Squid vulnerable to information disclosure via authentication credential leakage in error handling (CVE-2025-62168). Squid vulnerable to Denial of Service in ICP Request handling...
CLSA-2026-1775034352 squid: Fix of CVE-2025-59362
CVE-2025-59362: fix mishandling of ASN.1 encoding of long SNMP OIDs in lib/snmplib/asn1.c asn_build_objid...
MiracleLinux 8 : krb5-1.18.2-8.el8 (AXSA:2021-1843:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1843:01 advisory. krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS (CVE-2020-28196). Tenable has extracted the...
Siemens SIMATIC S7-1500 Off-by-one Error (CVE-2021-46848)
GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
ROS-20251112-01
Squid proxy server vulnerability related to data boundary checking errors during ASN.1 encoding of long SNMP OIDs in the asn_build_objid function in lib/snmplib/asn1.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service. Vulnerability of email_err_data...
Debian dla-4369 : squid - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4369 advisory. Debian LTS Advisory DLA-4369-1...
Updated golang packages fix security vulnerabilities
Insufficient validation of bracketed IPv6 hostnames in net/url (CVE-2025-47912). Unbounded allocation when parsing GNU sparse map in archive/tar (CVE-2025-58183). Parsing DER payload can cause memory exhaustion in encoding/asn1 (CVE-2025-58185). Lack of limit when parsing cookies can cause memory...
CVE-2025-58185
Parsing a maliciously crafted DER payload could allocate large amounts of memory, causing memory exhaustion...
TencentOS Server 4: squid (TSSA-2025:0752)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0752 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Important: squid
Issue Overview: Squid through 7.1 mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asn_build_objid in lib/snmplib/asn1.c (CVE-2025-59362). Affected Packages: squid. Issue Correction: Run dnf update squid --releasever 2023.9.20251014 or dnf update --advisory ALAS2023-2025-1219 --releasever...
SUSE-SU-2025:03547-1 Security update for go1.25
This update for go1.25 fixes the following issues: go1.25.2 released 2025-10-07 includes security fixes to the archive/tar, crypto/tls, crypto/x509, encoding/asn1, encoding/pem, net/http, net/mail, net/textproto, and net/url packages, as well as bug fixes to the compiler, the runtime, and the...
EUVD-2025-31363
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-46848
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der (CVE-2021-46848). Note that Nessus relies on the presence o...
Allocation of Resources Without Limits or Throttling
Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the ASN1ObjectIdentifier. An attacker can cause excessive resource consumption by submitting specially crafted ASN.1 Object Identifiers, potentially leading to service disruption...
CLSA-2025-1746653770 libtasn1: Fix of CVE-2021-46848
CVE-2021-46848: fix ETYPE_OK off-by-one array size check in asn1_encode_simple_der...
CLSA-2025-1746653404 libtasn1: Fix of CVE-2021-46848
CVE-2021-46848: fix ETYPE_OK off-by-one array size check in asn1_encode_simple_der...
OESA-2024-1700 grub2 security update
GNU GRUB is a Multiboot boot loader. It was derived from GRUB, the GRand Unified Bootloader, which was originally designed and implemented by Erich Stefan Boleyn. Security Fixes: GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der. (CVE-2021-46848)...
OESA-2024-1699 grub2 security update
GNU GRUB is a Multiboot boot loader. It was derived from GRUB, the GRand Unified Bootloader, which was originally designed and implemented by Erich Stefan Boleyn. Security Fixes: GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der. (CVE-2021-46848)...