Lucene search
+L

523 matches found

alpinelinux
alpinelinux
added 2 days ago4 views

CVE-2026-59885

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, the BER, CER, and DER decoders process OBJECT IDENTIFIER and RELATIVE-OID values in quadratic time relative to the number of arcs, so a small crafted payload containing an OID with many arcs consumes excessive CPU per decode call and c...

7.5CVSS6.1AI score0.00339EPSS
Exploits0
redhat
redhat
added 2026/07/08 2:32 p.m.4 views

openCryptoki: openCryptoki: Information disclosure and Denial of Service via malformed BER-encoded cryptographic objects

A flaw was found in openCryptoki, a PKCS11 Cryptographic Token Interface Standard library. The BER/DER Basic Encoding Rules/Distinguished Encoding Rules decoding functions in the shared common library do not properly validate attacker-controlled length fields against actual buffer boundaries. Thi...

6.8CVSS6.1AI score0.0016EPSS
Exploits1References6
redhat
redhat
added 2026/07/08 2:20 p.m.8 views

Moderate: Red Hat Security Advisory: opencryptoki security update

An update for opencryptoki is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

6.8CVSS6AI score0.0016EPSS
Exploits1References2
osv
osv
added 2026/07/02 2:13 p.m.4 views

PYSEC-2026-636 Code injection in FreeIPA

A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way the internal function berscanf was used in some components of the IPA server, which parsed kerberos key data. An unauthenticated attacker who could trigger...

8.8CVSS6.1AI score0.06329EPSS
Exploits0References13
osv
osv
added 2026/06/29 3:19 p.m.3 views

SUSE-SU-2026:2685-1 Security update for openCryptoki

This update for openCryptoki fixes the following issue: - CVE-2026-40253: malformed BER-encoded cryptographic objects can lead to information disclosure and denial of service bsc1262283...

6.8CVSS5.8AI score0.0016EPSS
Exploits1References3
osv
osv
added 2026/06/24 12:5 p.m.6 views

RLSA-2026:28231 Moderate: opencryptoki security update

The opencryptoki packages contain version 2.11 of the PKCS11 API, implemented for IBM Cryptocards, such as IBM 4764 and 4765 crypto cards. These packages includes support for the IBM 4758 Cryptographic CoProcessor with the PKCS11 firmware loaded, the IBM eServer Cryptographic Accelerator FC 4960 ...

6.8CVSS5.9AI score0.0016EPSS
Exploits1References2
rocky
rocky
added 2026/06/24 12:3 p.m.9 views

opencryptoki security update

An update is available for opencryptoki. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The opencryptoki packages contain version 2.11 of the PKCS11 API,...

6.8CVSS5.9AI score0.0016EPSS
Exploits1
redhat
redhat
added 2026/06/23 7:23 p.m.8 views

Moderate: Red Hat Security Advisory: opencryptoki security update

An update for opencryptoki is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

6.8CVSS5.9AI score0.0016EPSS
Exploits1References2
redhat
redhat
added 2026/06/23 7:23 p.m.8 views

openCryptoki: openCryptoki: Information disclosure and Denial of Service via malformed BER-encoded cryptographic objects

A flaw was found in openCryptoki, a PKCS11 Cryptographic Token Interface Standard library. The BER/DER Basic Encoding Rules/Distinguished Encoding Rules decoding functions in the shared common library do not properly validate attacker-controlled length fields against actual buffer boundaries. Thi...

6.8CVSS6AI score0.0016EPSS
Exploits1References6
almalinux
almalinux
added 2026/06/23 12:0 a.m.4 views

Moderate: opencryptoki security update

The opencryptoki packages contain version 2.11 of the PKCS11 API, implemented for IBM Cryptocards, such as IBM 4764 and 4765 crypto cards. These packages includes support for the IBM 4758 Cryptographic CoProcessor with the PKCS11 firmware loaded, the IBM eServer Cryptographic Accelerator FC 4960 ...

6.8CVSS5.8AI score0.0016EPSS
Exploits1References4
redhat
redhat
added 2026/06/17 1:55 a.m.11 views

389-ds-base: 389-ds-base: unbounded LDAP controls count in get_ldapmessage_controls_ext() causes CPU and heap amplification (remote DoS)

A flaw was found in 389-ds-base. The getldapmessagecontrolsext function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousands of minimal controls...

7.5CVSS5.2AI score0.00815EPSS
Exploits0References4
redhat
redhat
added 2026/06/16 4:5 p.m.12 views

openCryptoki: openCryptoki: Information disclosure and Denial of Service via malformed BER-encoded cryptographic objects

A flaw was found in openCryptoki, a PKCS11 Cryptographic Token Interface Standard library. The BER/DER Basic Encoding Rules/Distinguished Encoding Rules decoding functions in the shared common library do not properly validate attacker-controlled length fields against actual buffer boundaries. Thi...

6.8CVSS5.5AI score0.0016EPSS
Exploits1References6
susecve
susecve
added 2026/06/12 2:32 a.m.12 views

SUSE CVE-2026-11788

A flaw was found in 389 Directory Server. The dereference control plugin does not check for allocation failure before using a BER structure, allowing an unauthenticated remote attacker to crash the LDAP server when the system is under memory pressure...

7.5CVSS5.5AI score0.00346EPSS
Exploits0References3
packetstormnews
packetstormnews
added 2026/06/11 12:0 a.m.12 views

ASN.1-Compliant CLDAP Validator

This Metasploit module implements a production-grade CLDAP LDAP over UDP validator that strictly follows ASN.1 BER encoding rules. It builds compliant LDAP search requests for Netlogon verification using carefully structured BER encoders for integers, strings, sequences, and filters. It can be us...

9.8CVSS5.3AI score0.72253EPSS
Exploits32
suse
suse
added 2026/06/10 3:8 p.m.6 views

Security update for openCryptoki

This update for openCryptoki fixes the following issue: CVE-2026-40253: malformed BER-encoded cryptographic objects can lead to information disclosure and denial of service bsc1262283. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

7CVSS5.4AI score0.0016EPSS
Exploits1References4
osv
osv
added 2026/06/10 3:8 p.m.7 views

SUSE-SU-2026:2355-1 Security update for openCryptoki

This update for openCryptoki fixes the following issue: - CVE-2026-40253: malformed BER-encoded cryptographic objects can lead to information disclosure and denial of service bsc1262283...

6.8CVSS5.4AI score0.0016EPSS
Exploits1References3
osv
osv
added 2026/06/09 2:16 p.m.10 views

DEBIAN-CVE-2026-11788

A flaw was found in 389 Directory Server. The dereference control plugin does not check for allocation failure before using a BER structure, allowing an unauthenticated remote attacker to crash the LDAP server when the system is under memory pressure...

7.5CVSS5.5AI score0.00346EPSS
Exploits0References1
nvd
nvd
added 2026/06/09 2:16 p.m.11 views

CVE-2026-11788

A flaw was found in 389 Directory Server. The dereference control plugin does not check for allocation failure before using a BER structure, allowing an unauthenticated remote attacker to crash the LDAP server when the system is under memory pressure...

7.5CVSS0.00346EPSS
Exploits0References2
osv
osv
added 2026/06/09 2:16 p.m.10 views

UBUNTU-CVE-2026-11788

A flaw was found in 389 Directory Server. The dereference control plugin does not check for allocation failure before using a BER structure, allowing an unauthenticated remote attacker to crash the LDAP server when the system is under memory pressure...

7.5CVSS5.3AI score0.00346EPSS
Exploits0References5
cve
cve
added 2026/06/09 1:2 p.m.35 views

CVE-2026-11788

The vulnerability CVE-2026-11788 affects 389 Directory Server (389-ds-base) in the dereference control plugin BER parser. The root cause is that the plugin does not check for BER allocation failures before using structures, enabling a null pointer/dereference scenario that can crash the LDAP serv...

7.5CVSS5.5AI score0.00346EPSS
Exploits0References2Affected Software3
Rows per page
Query Builder