46 matches found
stunnel bug fix update
An update is available for stunnel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Stunnel is a wrapper for network connections. It can be used to tunnel an...
OESA-2026-2506 qt6-qtbase security update
Qt is a software toolkit for developing applications. Security Fixes: An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network qtbase in Qt Qt Framework Unix allows a local attacker to load a rogue CA certificate as a trusted system authority via a crafted...
CVE-2025-14575 Uncontrolled Search Path Element in Qt Network OpenSSL TLS backend allows rogue CA certificate loading
An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network qtbase in Qt Qt Framework Unix allows a local attacker to load a rogue CA certificate as a trusted system authority via a crafted certificate file placed in the application's working directory...
EUVD-2024-16193
Malicious code in bioql PyPI...
Alibaba Cloud Linux 3 : 0146: python-cryptography (ALINUX3-SA-2025:0146)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0146 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-49083: cryptography is a package designed ...
python-cryptography: NULL-dereference when loading PKCS7 certificates
A null-pointer dereference vulnerability was found in python-cryptography during the loading of PKCS7 certificates. Invoking "loadpempkcs7certificates" or "loadderpkcs7certificates" can trigger this issue and lead to subsequent segmentation fault and result in a Denial of Service DoS for any...
python-cryptography security update
3.2.1-8 - Fix CVE-2023-49083: NULL-dereference when loading PKCS7 certificates, resolves RHEL-97452...
Oracle Linux 8 : python-cryptography (ELSA-2025-14553)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-14553 advisory. 3.2.1-8 - Fix CVE-2023-49083: NULL-dereference when loading PKCS7 certificates, resolves RHEL-97452 Tenable has extracted the preceding description block...
Moderate: python-cryptography security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
ALSA-2025:14553 Moderate: python-cryptography security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
BIT-LIBPYTHON-2024-0397 Memory race condition in ssl.SSLContext certificate store methods
A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “certstorestats” and “getcacerts”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as durin...
python-cryptography: NULL-dereference when loading PKCS7 certificates
A null-pointer dereference vulnerability was found in python-cryptography during the loading of PKCS7 certificates. Invoking "loadpempkcs7certificates" or "loadderpkcs7certificates" can trigger this issue and lead to subsequent segmentation fault and result in a Denial of Service DoS for any...
python-cryptography: NULL-dereference when loading PKCS7 certificates
A null-pointer dereference vulnerability was found in python-cryptography during the loading of PKCS7 certificates. Invoking "loadpempkcs7certificates" or "loadderpkcs7certificates" can trigger this issue and lead to subsequent segmentation fault and result in a Denial of Service DoS for any...
CLSA-2025-1751144408 python3.9: Fix of CVE-2024-0397
CVE-2024-0397: fix memory race condition in ssl module's certstorestats and getcacerts methods by ensuring proper synchronization during certificates loading...
CVE-2020-11705
An issue was discovered in ProVide formerly zFTPServer through 13.1. /ajax/ImportCertificate allows an attacker to load an arbitrary certificate in .pfx format or overwrite arbitrary files via the fileName parameter...
USN-7346-3 opensc vulnerabilities
USN-7346-1 fixed vulnerabilities in OpenSC. The update introduced a regression which broke smartcard based authentication. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that OpenSC did not correctly handle certain memory operations...
BIT-PYTHON-MIN-2024-0397 Memory race condition in ssl.SSLContext certificate store methods
A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “certstorestats” and “getcacerts”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as durin...
cpython: python: Memory race condition in ssl.SSLContext certificate store methods
A vulnerability was found in Python. A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “certstorestats” and “getcacerts”. The race condition can be triggered if the methods are called at the same time that certificates are...
cpython: python: Memory race condition in ssl.SSLContext certificate store methods
A vulnerability was found in Python. A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “certstorestats” and “getcacerts”. The race condition can be triggered if the methods are called at the same time that certificates are...
OESA-2024-1940 python3 security update
Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...