
42 matches found

SUSE Linux
added 2026/01/08 12:21 p.m. | views: 1

Security update for curl

This update for curl fixes the following issues: CVE-2025-14524: Fixed bearer token leak on cross-protocol redirect bsc1255731 CVE-2025-15079: Fixed unknown host connection acceptance when set in the global knownhostsfile bsc1255733 CVE-2025-14819: Fixed issue where alteration of...

CVSS 6 | AI score 6.8 | EPSS 0.00061
Exploits 2 | References 12

OSV
added 2026/01/08 12:21 p.m. | views: 1

SUSE-SU-2026:0066-1 Security update for curl

This update for curl fixes the following issues: - CVE-2025-14524: Fixed bearer token leak on cross-protocol redirect bsc1255731 - CVE-2025-15079: Fixed unknown host connection acceptance when set in the global knownhostsfile bsc1255733 - CVE-2025-14819: Fixed issue where alteration of...

CVSS 5.3 | AI score 5.8 | EPSS 0.00061
Exploits 2 | References 7

CVE
added 2025/12/17 10:1 p.m. | views: 6

CVE-2025-68118

FreeRDP prior to version 3.20.0 contains a heap-out-of-bounds-read vulnerability in certificate handling. The function freerdp_certificate_data_hash_ uses Microsoft’s _snprintf to format certificate cache filenames without guaranteed NUL termination when truncation occurs. If an attacker controls...

CVSS 9.1 | AI score 6.9 | EPSS 0.00058
Exploits 0 | References 2 | Affected Software 1

Positive Technologies
added 2025/12/17 12:0 a.m. | views: 3

PT-2025-51934

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.20.0 Description FreeRDP is a free implementation of the Remote Desktop Protocol. A flaw exists in the certificate handling code on Windows platforms. The freerdp certificate data hash function utilizes the snprintf...

CVSS 9.1 | AI score 6.7 | EPSS 0.00058
Exploits 0 | References 6

EUVD
added 2025/10/07 12:30 a.m. | views: 2

EUVD-2011-2809

Malware in sbrugna...

CVSS 6.8 | AI score 6.1 | EPSS 0.00103
Exploits 0 | References 6

EUVD
added 2025/10/03 8:7 p.m. | views: 1

EUVD-2021-28981

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.7 | EPSS 0.02755
Exploits 0 | References 11

RedHat Linux
added 2024/05/14 9:7 a.m. | views: 2

io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support

A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server name map, leading...

CVSS 5.4 | AI score 7.1 | EPSS 0.00245
Exploits 0 | References 5

Tenable Nessus
added 2024/05/04 12:0 a.m. | views: 22

GLSA-202405-08 : strongSwan: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202405-08 strongSwan: Multiple Vulnerabilities - The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger...

CVSS 9.8 | AI score 8.1 | EPSS 0.11811
Exploits 0 | References 9

SUSE CVE
added 2023/02/15 3:37 a.m. | views: 1

SUSE CVE-2021-41991

The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less-often-used cache entry by means of a random...

CVSS 7.5 | AI score 9.1 | EPSS 0.02755
Exploits 0 | References 11

Hive Pro Threat Advisories
added 2023/02/01 5:51 a.m. | views: 39

Proof-of-concept released for Windows CryptoAPI vulnerability

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary CVE-2022-34689 is a critical vulnerability in Windows CryptoAPI that was publicly announced by Microsoft in October 2022. The vulnerability allows an attacker to masquerade as a legitimate entity by...

AI score 3 | EPSS 0.13198
Exploits 0

Tenable Nessus
added 2022/01/30 12:0 a.m. | views: 44

FreeBSD : strongswan - denial-of-service vulnerability in the gmp plugin/denial-of-service vulnerability in the in-memory certificate cache (58528a94-5100-4208-a04d-edc01598cf01)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 58528a94-5100-4208-a04d-edc01598cf01 advisory. - The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted...

CVSS 7.5 | AI score 8.1 | EPSS 0.02755
Exploits 0 | References 5

OSV
added 2021/10/30 11:3 a.m. | views: 2

OESA-2021-1408 strongswan security update

The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key exchange protocols in conjunction with the native NETKEY IPsec stack of the Linux kernel. Security Fixes: The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS...

CVSS 7.5 | AI score 7.6 | EPSS 0.02755
Exploits 0 | References 3

Microsoft CVE
added 2021/10/22 7:0 a.m. | views: 1

The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less-often-used cache entry by means of a random number generator but this is not done correctly. Remote code execution might be a slight possibility.

...

CVSS 7.5 | AI score 8.7 | EPSS 0.02755
Exploits 0

Tenable Nessus
added 2021/10/20 12:0 a.m. | views: 36

openSUSE 15 Security Update : strongswan (openSUSE-SU-2021:3467-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3467-1 advisory. - The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For...

CVSS 7.5 | AI score 8.1 | EPSS 0.02755
Exploits 0 | References 7

Tenable Nessus
added 2021/10/20 12:0 a.m. | views: 33

SUSE SLED15 / SLES15 Security Update : strongswan (SUSE-SU-2021:3467-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3467-1 advisory. - The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For...

CVSS 7.5 | AI score 8.2 | EPSS 0.02755
Exploits 0 | References 7

RedhatCVE
added 2021/10/19 4:53 p.m. | views: 33

CVE-2021-41991

The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less-often-used cache entry by means of a random...

CVSS 7.5 | AI score 3.7 | EPSS 0.02755
Exploits 0 | References 4

OSV
added 2021/10/19 11:16 a.m. | views: 5

SUSE-SU-2021:3468-1 Security update for strongswan

This update for strongswan fixes the following issues: - CVE-2021-41991: Fixed an integer overflow when replacing certificates in cache. bsc1191435...

CVSS 7.5 | AI score 7.6 | EPSS 0.02755
Exploits 0 | References 3

OSV
added 2021/10/19 11:16 a.m. | views: 7

SUSE-SU-2021:14827-1 Security update for strongswan

This update for strongswan fixes the following issues: - CVE-2021-41991: Fixed an integer overflow when replacing certificates in cache. bsc1191435...

CVSS 7.5 | AI score 7.6 | EPSS 0.02755
Exploits 0 | References 3

OSV
added 2021/10/19 10:54 a.m. | views: 1

USN-5111-1 strongswan vulnerabilities

It was discovered that strongSwan incorrectly handled certain RSASSA-PSS signatures. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service. CVE-2021-41990 It was discovered that strongSwan incorrectly handled replacing certificates in the cache. A...

CVSS 7.5 | AI score 7.2 | EPSS 0.02755
Exploits 0 | References 3

Ubuntu
added 2021/10/19 10:54 a.m. | views: 93

USN-5111-1: strongSwan vulnerabilities

It was discovered that strongSwan incorrectly handled certain RSASSA-PSS signatures. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service. CVE-2021-41990 It was discovered that strongSwan incorrectly handled replacing certificates in the cache. A...

CVSS 7.5 | AI score 7.5 | EPSS 0.02755
Exploits 0