Astra Linux - уязвимость в openconnect

OpenConnect 8.09 has a buffer overflow issue, which can lead to a denial of service application crash or potentially cause unspecified other problems, due to the use of crafted certificate data in the getcertname function within gnutls.c...

Tor 代码问题漏洞

Tor is a virtual tunnel network operated by the Tor Project organization. It allows individuals and groups to enhance their privacy and security on the Internet. Versions of Tor prior to 0.4.9.7 contained a code vulnerability caused by a null pointer dereferencing when the CERT unit received data...

CVE-2026-5379

An issue that allowed MCP agents to access certificate information from outside of their authorized organization scope has been resolved. This is an instance of CWE-863: Incorrect Authorization, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N 3.0 Low. This issue wa...

CVE-2026-5379

The CVE-2026-5379 issue affects the runZero Platform (MCP certification workflow). It describes a vulnerability where MCP agents could access certificate information outside their authorized organization scope due to improper authorization (CWE-863). The documented impact is low (CVSS v3.1: 3.0) ...

runZero Platform 安全漏洞

runZero Platform is an asset discovery and attack surface management platform developed by the US company runZero. Versions of runZero Platform prior to 4.0.260203.0 contained security vulnerabilities. These vulnerabilities were due to improper authorization, which could allow the MCP proxy to...

PT-2026-30874

Name of the Vulnerable Software and Affected Versions runZero Platform versions prior to 4.0.260203.0 Description A flaw allowed MCP agents to access certificate information beyond their authorized organizational boundaries. This is categorized as CWE-863: Incorrect Authorization. Recommendations...

CVE-2026-3229

An integer overflow vulnerability existed in the static function wolfssladdtochain, that caused heap corruption when certificate data was written out of bounds of an insufficiently sized certificate buffer. wolfssladdtochain is called by these API: wolfSSLCTXaddextrachaincert,...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow due to improper handling of integer values in the wolfssladdtochain function. An attacker can cause heap corruption and potentially execute arbitrary code or crash the application by supplying specially crafte...

EUVD-2026-13208

An integer overflow vulnerability existed in the static function wolfssladdtochain, that caused heap corruption when certificate data was written out of bounds of an insufficiently sized certificate buffer. wolfssladdtochain is called by these API: wolfSSLCTXaddextrachaincert,...

DEBIAN-CVE-2026-3229

An integer overflow vulnerability existed in the static function wolfssladdtochain, that caused heap corruption when certificate data was written out of bounds of an insufficiently sized certificate buffer. wolfssladdtochain is called by these API: wolfSSLCTXaddextrachaincert,...

CVE-2026-3229

An integer overflow vulnerability existed in the static function wolfssladdtochain, that caused heap corruption when certificate data was written out of bounds of an insufficiently sized certificate buffer. wolfssladdtochain is called by these API: wolfSSLCTXaddextrachaincert,...

UBUNTU-CVE-2026-3229

An integer overflow vulnerability existed in the static function wolfssladdtochain, that caused heap corruption when certificate data was written out of bounds of an insufficiently sized certificate buffer. wolfssladdtochain is called by these API: wolfSSLCTXaddextrachaincert,...

PT-2026-26365

Name of the Vulnerable Software and Affected Versions wolfssl affected versions not specified Description An integer overflow issue was identified in the wolfssl add to chain function, leading to heap corruption when certificate data exceeded the bounds of the certificate buffer. The function is...

NewStart CGSL MAIN 6.06 (SP) : krb5 Multiple Vulnerabilities (NS-SA-2026-0007)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has krb5 packages installed that are affected by multiple vulnerabilities: - plugins/preauth/pkinit/pkinitcryptoopenssl.c in MIT Kerberos 5 aka krb5 through 1.15.2 mishandles Distinguished Name DN fields, which allows remote attackers t...

EulerOS Virtualization 2.10.0 : libtasn1 (EulerOS-SA-2026-1179)

According to the versions of the libtasn1 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a...

MiracleLinux 7 : sssd-1.16.5-10.el7.15 (AXSA:2023-4853:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4853:02 advisory. sssd: libssscertmap fails to sanitise certificate data used in LDAP filters CVE-2022-4254 Tenable has extracted the preceding description block directly from...

FreeRDP Heap Buffer Overflow Vulnerability (GHSA-h78c-5cjx-jw6x)

FreeRDP is prone to a heap buffer overflow vulnerability. SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:freerdpproject:freerdp"...

CVE-2025-68118 Potential Heap Out-of-Bounds Read in freerdp_certificate_data_hash_ via Unsafe _snprintf Usage

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.0, a vulnerability exists in FreeRDP’s certificate handling code on Windows platforms. The function freerdpcertificatedatahash uses the Microsoft-specific snprintf function to format certificate cache filenames...

CLSA-2025-1763025415 libtasn1: Fix of CVE-2024-12133

CVE-2024-12133: fix inefficient handling of specific certificate data in libtasn1 to prevent denial of service attacks...

CVE-2025-64323

kgateway’s xDS interface lacks authentication in affected versions (2.0.4 and earlier, and 2.1.0-agw-cel-rbac through 2.1.0-rc.2). An unauthenticated client with unrestricted network access can retrieve sensitive configuration data from the xDS port (certificate data, backend service information,...