Lucene search
K

476 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: X.509: Fixed out-of-bounds access during the parsing of extensions Leo reports a situation where out-of-bounds access occurs during the parsing of a certificate with empty Basic Constraints or Key Usage extensions. This occurs...

7.1CVSS5.7AI score0.00081EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.10 views

RHEL 9 : runc (RHSA-2026:25253)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:25253 advisory. The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. Security Fixes:...

10CVSS5.7AI score0.01945EPSS
Exploits3References10
Cvelist
Cvelist
added 2026/06/09 11:50 p.m.43 views

CVE-2026-47838 Unauthorized User Impersonation when Using X.509 Client Certificates

SubjectDnX509PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the username. In a carefully crafted certificate, this can lead to an attacker impersonating another user. Affected versions: Spring Security 5.7....

6.8CVSS0.00116EPSS
Exploits0References1
Spring Security Advisories
Spring Security Advisories
added 2026/06/09 12:0 a.m.16 views

CVE-2026-47838: Unauthorized User Impersonation when Using X.509 Client Certificates

This CVE is a continuation of CVE-2026-22747 , which addressed this same issue for Spring Security 7.0.x. SubjectDnX509PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the username. In a carefully crafted...

6.8CVSS5.2AI score0.00116EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/05/26 9:18 p.m.13 views

EUVD-2026-32006

Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the cryptographic verification pipeline of Vanetza. When processing incoming V2X messages, the ASN.1 decoder accepts the structure as syntactically...

7.5CVSS5.8AI score0.00202EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.9 views

RockyLinux 10 : image-builder (RLSA-2026:3840)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:3840 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: net/url: Memory exhaustion i...

10CVSS7AI score0.01945EPSS
Exploits3References7
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.8 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: arm-trusted-firmware (UTSA-2026-016603)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016603 advisory. Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates. This affects downstream use of getext and authnvctr...

7.4CVSS7.1AI score0.00629EPSS
Exploits0References4
OSV
OSV
added 2026/05/21 4:27 p.m.16 views

RLSA-2026:3839 Important: image-builder security update

A local binary for building customized OS artifacts such as VM images and OSTree commits. Uses osbuild under the hood. Security Fixes: crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: net/url: Memory exhaustion in query...

7.5CVSS7AI score0.01945EPSS
Exploits3References4
Github Security Blog
Github Security Blog
added 2026/05/19 7:53 p.m.17 views

Coder: Unauthenticated SSRF via Azure Instance Identity Endpoint

Summary Unauthenticated semi-blind Server-Side Request Forgery SSRF via the Azure instance identity endpoint POST /api/v2/workspaceagents/azure-instance-identity. An external attacker can force the Coder server to issue HTTP GET requests to arbitrary internal or external hosts by submitting a...

6.1AI score0.00071EPSS
Exploits0References10Affected Software2
RedhatCVE
RedhatCVE
added 2026/05/19 7:7 p.m.16 views

CVE-2026-42327

A flaw was found in rust-openssl, a library providing OpenSSL bindings for the Rust programming language. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate. This certificate, containing non-UTF-8 characters in its OCSP Online Certificate Status...

9.1CVSS6.2AI score0.00211EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.14 views

PT-2026-42031

Name of the Vulnerable Software and Affected Versions Coder versions prior to 2.33.3 Coder versions prior to 2.32.2 Coder versions prior to 2.31.12 Coder versions prior to 2.30.8 Coder versions prior to 2.29.13 Coder versions prior to 2.24.5 Description An unauthenticated semi-blind Server-Side...

6.5CVSS6AI score0.00071EPSS
Exploits0References12
AlmaLinux
AlmaLinux
added 2026/05/19 12:0 a.m.22 views

Important: golang security update

The golang packages provide the Go programming language compiler. Security Fixes: crypto/x509: Incorrect enforcement of email constraints in crypto/x509 CVE-2026-27137 net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 For more details about the security issues, including...

7.5CVSS7.4AI score0.00728EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/12 5:22 p.m.6 views

CVE-2026-44167

phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files eg. X509 certificates, RSA PKCS8 private or public keys, etc. This is a bypass of CVE-2024-27355. This vulnerability is fixed in 1.0.29, 2.0.54, and 3.0.52...

7.5CVSS7.1AI score0.00569EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.16 views

Unity Linux 20.1060e / 20.1070e Security Update: openldap (UTSA-2026-017531)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017531 advisory. A flaw was discovered in ldapX509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in adkeystring, resulting in denial of service...

7.5CVSS6.9AI score0.043EPSS
Exploits0References4
Fedora
Fedora
added 2026/05/07 1:9 a.m.15 views

[SECURITY] Fedora 43 Update: gnutls-3.8.13-1.fc43

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, OpenPGP and...

5.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/04/30 3:3 a.m.21 views

Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

10CVSS7.2AI score0.01945EPSS
Exploits4References6
OSV
OSV
added 2026/04/28 4:20 p.m.7 views

CLSA-2026-1777393215 openldap: Fix of 15 CVEs

CVE-2019-13565: SASL session encryption SSF not reset on new connection, allowing downgrade - CVE-2020-12243: slapd crash via deeply nested LDAP search filter boolean expressions - CVE-2020-25692: NULL pointer dereference in slapd during modRDN request - CVE-2020-25709: slapd assertion failure...

7.5CVSS6.8AI score0.84224EPSS
Exploits1References1
OSV
OSV
added 2026/04/22 9:20 a.m.8 views

CLSA-2025-1758636652 openldap: Fix of 14 CVEs

Rebase to 2.4.58 to fix the following vulnerabilities: - CVE-2020-12243: fix denial of service caused by LDAP search filters with nested boolean expressions - CVE-2020-36221: fix integer underflow in the Certificate Exact Assertion processing - CVE-2020-36223: fix slapd crash in the Values Return...

7.5CVSS7.1AI score0.84224EPSS
Exploits1References1
OSV
OSV
added 2026/04/21 12:4 a.m.5 views

JLSEC-2026-172

A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of service...

7.5CVSS5.8AI score0.1229EPSS
Exploits0References28
CVE
CVE
added 2026/04/20 9:43 a.m.23 views

CVE-2026-31430

CVE-2026-31430 affects the Linux kernel: X.509 extensions parsing could read the first byte of an extension before checking length, causing out-of-bounds access. The vulnerability can be triggered by an unprivileged user submitting a crafted certificate via the keyrings(7) API. A PoC exists. The ...

7.1CVSS5.6AI score0.00081EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder