Lucene search
K

3646 matches found

Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.14 views

PT-2026-43712

Name of the Vulnerable Software and Affected Versions Erlang OTP versions 17.0 through 26.2.5.20 Erlang OTP versions 27.x prior to 27.3.4.12 Erlang OTP versions 28.x prior to 28.5.0.1 Erlang OTP versions 29.x prior to 29.0.1 public key versions 0.22 through 1.15.1.6 public key versions 1.17.x pri...

8CVSS5.9AI score0.00322EPSS
Exploits0References40
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-3012

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Samba's certificate auto-enrollment Group Policy handling. When certificate auto- enrollment is enabled, Samba may retrieve a CA certificate...

8CVSS5.4AI score0.00261EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/26 5:16 p.m.14 views

CVE-2026-48697

FastNetMon Community Edition through 1.2.9 does not verify TLS certificates on outbound HTTPS connections. The executewebrequestsecure function in src/fastlibrary.cpp creates a boost::asio::ssl::context with tlsclient mode and calls setdefaultverifypaths to load CA certificates, but never calls...

7.4CVSS5.8AI score0.00164EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/05/26 2:55 p.m.23 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.20.4 security update

Important: Red Hat OpenShift GitOps v1.20.4 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8784 Service-CA annotation removed from argocd-server Service during v1.12.3 - v1.12.4 upgrade path, persists in later versions GITOPS-9549...

9.6CVSS5.8AI score0.00505EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2026/05/26 2:49 p.m.20 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.19.4 security update

Important: Red Hat OpenShift GitOps v1.19.4 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8784 Service-CA annotation removed from argocd-server Service during v1.12.3 - v1.12.4 upgrade path, persists in later versions...

9.8CVSS6.6AI score0.01735EPSS
Exploits4References7
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.16 views

PT-2026-43438

Name of the Vulnerable Software and Affected Versions Samba affected versions not specified Description A flaw exists in the handling of certificate auto-enrollment Group Policy. When this feature is enabled, Samba may retrieve a CA certificate via an unencrypted HTTP connection and install it in...

8CVSS5.8AI score0.02669EPSS
Exploits0References103
SUSE CVE
SUSE CVE
added 2026/05/21 2:47 a.m.21 views

SUSE CVE-2024-0397

A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “certstorestats” and “getcacerts”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as durin...

4.8CVSS6.8AI score0.00804EPSS
Exploits0References22
SUSE CVE
SUSE CVE
added 2026/05/21 2:42 a.m.16 views

SUSE CVE-2025-14575

An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network qtbase in Qt Qt Framework Unix allows a local attacker to load a rogue CA certificate as a trusted system authority via a crafted certificate file placed in the application's working directory...

1.8CVSS5.8AI score0.0009EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Network-Manager

It was found that nmcli, a command-line interface for NetworkManager, does not honor the 802-1x.ca-path and 802-1x.phase2-ca-path settings when creating a new profile. When a user connects to a network using this profile, authentication does not occur, and the connection is made insecurely...

4.3CVSS6.2AI score0.00983EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/20 3:2 a.m.4 views

SUSE CVE-2025-6037

Vault and Vault Enterprise “Vault” TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as +trusted certificate+|https://developer.hashicorp.com/vault/api-docs/auth/certcertificate. In this configuration, an attacker may be able to...

6.8CVSS6AI score0.00223EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/19 4:42 p.m.18 views

EUVD-2026-30958

Windmill prior to 1.703.2 contains an incorrect default permissions vulnerability in nsjail sandbox configuration files where /etc is bind-mounted without read-write restrictions, allowing authenticated users to write arbitrary entries to /etc/hosts, /etc/resolv.conf, and...

9.6CVSS6AI score0.0024EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/19 4:42 p.m.13 views

CVE-2026-47107 Windmill < 1.703.2 Incorrect Default Permissions in nsjail Configuration

Windmill prior to 1.703.2 contains an incorrect default permissions vulnerability in nsjail sandbox configuration files where /etc is bind-mounted without read-write restrictions, allowing authenticated users to write arbitrary entries to /etc/hosts, /etc/resolv.conf, and...

8.6CVSS6AI score0.0024EPSS
Exploits0References4
CVE
CVE
added 2026/05/19 1:1 p.m.23 views

CVE-2025-14575

An Uncontrolled Search Path Element vulnerability affects the Qt Network (qtbase) OpenSSL TLS backend in the Qt Framework (Unix). A crafted certificate file placed in the application’s working directory can cause the loading of a rogue CA certificate as a trusted system authority. Local attacker ...

1.8CVSS5.8AI score0.0009EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/05/18 8:23 p.m.4 views

au.csiro.pathling:encoders (>=6.2.2 <=9.6.0), au.csiro.pathling:fhir-server (>=6.2.2 <=7.2.0) +220 more potentially affected by CVE-2026-45367 via ca.uhn.hapi.fhir:org.hl7.fhir.r4 (>=6.0.0 <=6.9.6)

ca.uhn.hapi.fhir:org.hl7.fhir.r4 MAVEN version =6.0.0, =6.2.2, =6.2.2, =6.2.2, =6.2.2, =6.2.2, =6.2.2, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =8.10.0 and more Source cves: CVE-2026-45367 Source advisory: SNYK:JAVA-CAUHNHAPIFHIR-16757888...

5.4AI score0.00086EPSS
Exploits0
Hacker One
Hacker One
added 2026/05/14 11:36 a.m.26 views

curl: CURLOPT_PROXY_CAINFO_BLOB silently activates native CA store on Apple builds

Hi all, CURLOPTPROXYCAINFOBLOB introduced 7.77.0 never sets proxyssl.customcablob. On USEAPPLESECTRUST / CURLCANATIVE builds this causes curl to silently fall back to the system keychain for proxy TLS verification, nullifying the caller's blob-only trust policy. --- Root cause lib/setopt.c handle...

5.9AI score
Exploits0
NVD
NVD
added 2026/05/12 8:16 p.m.10 views

CVE-2026-34688

CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service...

6.2CVSS0.00255EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/05/06 8:38 p.m.10 views

CVE-2026-40243

Incus is a system container and virtual machine manager. In versions before 7.0.0, broken TLS validation logic in the OVN database connection logic can allow connections to an attacker's OVN database. The OVN client implementations disable Go standard TLS server verification and replace it with...

4.8CVSS5.8AI score0.00173EPSS
Exploits1
Hacker One
Hacker One
added 2026/05/06 7:20 p.m.23 views

curl: mbedTLS private-key blob null-termination asymmetry in lib/vtls/mbedtls.c (mbed_load_privkey)

Summary: In lib/vtls/mbedtls.c, function mbedloadprivkey lines 653-738 passes raw sslkeyblob-data and sslkeyblob-len directly to mbedtlspkparsekey at lines 706-708 mbedTLS 4.x branch and 718-722 mbedTLS 3.x branch, without ensuring null-termination. The mbedTLS API contract for mbedtlspkparsekey...

5.7AI score
Exploits0
Chainguard
Chainguard
added 2026/05/06 7:17 p.m.13 views

CVE-2026-41889 vulnerabilities

Vulnerabilities for packages: falcosidekick, envoy-gateway, gitlab-cng, keda, k3s, argo-workflows-fips, gitness, spicedb, pgwatch, chainloop-control-plane, temporal-fips, src, zitadel, cerbos, openfga, trillian-fips, gitaly-fips, hydra, ferretdb, seaweedfs-fips, spire-server, keda-fips, trillian,...

9.8CVSS5.9AI score0.00356EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.9 views

RHCOS 4 : OpenShift Container Platform 4.8.2 (RHSA-2021:2437)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2437 advisory. - golang: crypto/elliptic: incorrect operations on the P-224 curve CVE-2021-3114 - gogo/protobuf: plugin/unmarshal/unmarshal.go lack...

8.6CVSS5.8AI score0.11308EPSS
Exploits2References23
Rows per page
Query Builder