EUVD-2026-34038

x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically based on the number...

Linux Distros Unpatched Vulnerability : CVE-2026-27145

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, . t...

CVE-2026-27145

x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically based on the number...

CVE-2026-35563

The CVE-2026-35563 concerns the Apache Directory LDAP API LDAP client (v2.1.7) failing to verify that the server certificate matches the intended LDAP hostname. Root cause: incomplete TLS server identity verification. Impact: potential server impersonation and complete connection compromise over ...

Apache Thrift 安全漏洞

Apache Thrift is a framework for cross-platform development developed by the Apache Foundation in the United States. Versions of Apache Thrift prior to 0.23.0 contained a security vulnerability, which was caused by improper validation of certificate-hostname mismatches...

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

CVE-2026-24932

The DDNS update function in ADM fails to properly validate the hostname of the DDNS server's TLS/SSL certificate. Although the connection uses HTTPS, an improper validated TLS/SSL certificates allows a remote attacker can intercept the communication to perform a Man-in-the-Middle MitM attack, whi...

Security Bulletin: Multiple Vulnerabilities affects IBM Data Studio Client 4.2.0

Summary Security Fix of multiple Vulnerabilities of IBM Data Studio Client 4.2.0 Vulnerability Details CVEID:CVE-2021-2163 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high...

MiracleLinux 4 : axis-1.2.1-7.3.AXS4 (AXSA:2013-129:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-129:01 advisory. Apache AXIS is an implementation of the SOAP Simple Object Access Protocol submission to W3C. From the draft W3C specification: SOAP is a lightweight protocol...

EUVD-2012-5676

Malware in sbrugna...

Unity Linux 20.1070e Security Update: nodejs (UTSA-2025-680625)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680625 advisory. Accepting arbitrary Subject Alternative Name SAN types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained...

EUVD-2022-0279

Malicious code in bioql PyPI...

Mutt does not verify that the smtps server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL SMTP server via an arbitrary certificate, a different vulnerability than CVE-2009-3766.

...

Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have trusted certificates for arbitrary hostnames unless the TLS client application calls mbedtls_ssl_set_hostname.

...

JRuby-OpenSSL 安全漏洞

JRuby-OpenSSL is an add-on gem for JRuby from the JRuby team. A security vulnerability exists in JRuby-OpenSSL versions prior to 0.12.1 through 0.15.4, which stems from insufficient certificate hostname validation and could lead to a man-in-the-middle attack...

RHEL 6 : pywbem (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - pywbem: failure to check certificate hostname CVE-2013-6444 - PyWBEM 0.7 and earlier uses a separate...

RHEL 7 : pywbem (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - pywbem: failure to check certificate hostname CVE-2013-6444 - PyWBEM 0.7 and earlier uses a separate...

CVE-2024-35299

In JetBrains YouTrack before 2024.1.29548 the SMTPS protocol communication lacked proper certificate hostname validation...

PT-2023-19687 · Dell · Dell Networker

Name of the Vulnerable Software and Affected Versions: Dell NetWorker affected versions not specified Description: The issue is related to an Improper Validation of Certificate with Host Mismatch vulnerability in the Rabbitmq port. This could disallow replacing CA signed certificates...

SUSE CVE-2007-5770

The 1 Net::ftptls, 2 Net::telnets, 3 Net::imap, 4 Net::pop, and 5 Net::smtp libraries in Ruby 1.8.5 and 1.8.6 do not verify that the commonName CN field in a server certificate matches the domain name in a request sent over SSL, which makes it easier for remote attackers to intercept SSL...