Lucene search
K

20 matches found

OSV
OSV
added 2026/05/21 4:30 p.m.15 views

RLSA-2026:3840 Important: image-builder security update

A local binary for building customized OS artifacts such as VM images and OSTree commits. Uses osbuild under the hood. Security Fixes: crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: net/url: Memory exhaustion in query...

7.5CVSS7AI score0.01945EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.8 views

RHCOS 4 : OpenShift Container Platform 4.16.58 (RHSA-2026:4464)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4464 advisory. - golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 - crypto/x509: golang: Denial of Service due ...

7.5CVSS7.3AI score0.00459EPSS
Exploits2References6
RedHat Linux
RedHat Linux
added 2026/03/24 4:2 a.m.8 views

Important: Red Hat Security Advisory: osbuild-composer security update

An update for osbuild-composer is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

7.5CVSS6.8AI score0.01945EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : libreoffice-6.4.7.2-10.el8.ML.1 (AXSA:2022-3720:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3720:01 advisory. libreoffice: Content Manipulation with Double Certificate Attack CVE-2021-25633 libreoffice: Timestamp Manipulation with Signature Wrapping...

7.5CVSS7.5AI score0.00709EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-7227

Malware in sbrugna...

5.1CVSS6.1AI score0.00668EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/11/22 12:0 a.m.4 views

Dell Unity Trust Management Issues Vulnerabilities

Dell Unity is a suite of virtual Unity storage environments from Dell, Inc. A security vulnerability exists in Dell Unity versions prior to 5.3 that stems from a man-in-the-middle spoofing vulnerability in the vmadapter component. An attacker with access to a CA signed certificate could exploit...

8.6CVSS6.5AI score0.00295EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/05/11 12:0 a.m.37 views

RHEL 8 : libreoffice (RHSA-2022:1766)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1766 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor...

7.5CVSS7AI score0.00709EPSS
Exploits0References13
RedHat Linux
RedHat Linux
added 2022/05/10 2:11 p.m.36 views

Moderate: Red Hat Security Advisory: libreoffice security, bug fix, and enhancement update

An update for libreoffice is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

7.5CVSS6.9AI score0.00709EPSS
Exploits0References8
OSV
OSV
added 2022/05/10 8:0 a.m.30 views

RLSA-2022:1766 Moderate: libreoffice security, bug fix, and enhancement update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

7.1CVSS6.3AI score0.00709EPSS
Exploits0References7
OSV
OSV
added 2022/05/10 8:0 a.m.28 views

ALSA-2022:1766 Moderate: libreoffice security, bug fix, and enhancement update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

7.5CVSS6.3AI score0.00709EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/05/10 12:0 a.m.31 views

CentOS 8 : libreoffice (CESA-2022:1766)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:1766 advisory. - libreoffice: Content Manipulation with Double Certificate Attack CVE-2021-25633 - libreoffice: Timestamp Manipulation with Signature Wrapping...

7.5CVSS6.9AI score0.00709EPSS
Exploits0References4
Cvelist
Cvelist
added 2021/10/11 4:43 p.m.21 views

CVE-2021-25633 Content Manipulation with Double Certificate Attack

LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to...

7.5AI score0.00709EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/10/11 8:10 a.m.24 views

CVE-2021-41830 Double Certificate Attack

It is possible for an attacker to manipulate signed documents and macros to appear to come from a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25633 for the LibreOffice advisory...

7.6AI score0.01346EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/07/31 12:0 a.m.32 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2020-1804)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.1AI score0.05157EPSS
Exploits1References2
OSV
OSV
added 2019/12/26 7:15 p.m.4 views

CVE-2019-5274

USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in an infinite loop, an attacker may exploit the vulnerability via a malicious certificate to perform a denial of service...

7.5CVSS7.1AI score0.00477EPSS
Exploits0References1
Malwarebytes
Malwarebytes
added 2019/07/08 3:8 p.m.158 views

A week in security (July 1 – 7)

Last week on Malwarebytes Labs, we explained what to do when you find stalkerware, how cooperating apps and automatic permissions are setting you up for failure, and why you should steer clear of Bitcoin Cash generators. Other cybersecurity news: A former Chief Information Officer CIO of Equifax...

6.8CVSS7.9AI score0.59893EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2017/01/25 8:4 p.m.5 views

openssl: Memory corruption in the ASN.1 encoder

A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an...

10CVSS7.5AI score0.77906EPSS
Exploits1References5
securityvulns
securityvulns
added 2004/10/14 12:0 a.m.98 views

ACROS Security: Poisoning Cached HTTPS Documents in Internet Explorer

Below please find our public report for the HTTPS cache poisoning issue in Internet Explorer. It includes workarounds for server operators, allowing them to protect their web services without having to rely on users to patch their browsers. Regards, ACROS Security http://www.acrossecurity.com...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2003/11/29 12:0 a.m.41 views

Internet explorer (and others) CA certificate attack

For intermediate CA only signature is checked, missed check for basic constaint allows to use any valid certificate as CA certificate...

4.9AI score
Exploits0References9Affected Software7
OSV
OSV
added 2003/11/17 5:0 a.m.4 views

DEBIAN-CVE-2003-0545

Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 encoding...

9.8CVSS7.9AI score0.85449EPSS
Exploits0References1
Rows per page
Query Builder