SonicWALL SonicOS 安全漏洞

SonicWALL SonicOS is an operating system developed by the American company SonicWALL, specifically for use with SonicWall firewall devices. There is a security vulnerability in SonicWall SonicOS, which stems from a stack buffer overflow in certificate processing. This vulnerability could allow...

Important: Red Hat Security Advisory: grafana-pcp security update

An update for grafana-pcp is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

ALSA-2026:3042 Moderate: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS12 processing CVE-2025-69419...

ALSA-2026:2920 Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 grafana/grafana/pkg/services/dashboards: Grafana...

Huawei EulerOS: Security Advisory for libtasn1 (EulerOS-SA-2026-1128)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.10.1 : libtasn1 (EulerOS-SA-2026-1128)

According to the versions of the libtasn1 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a...

ALSA-2026:1472 Important: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS12 file CVE-2025-11187...

Security Bulletin: A vulnerability in RedHat UBI affects IBM Robotic Process Automation for Cloud Pak and may result in denial of service (CVE-2024-12243).

Summary A vulnerability in RedHat UBI affects IBM Robotic Process Automation for Cloud Pak and may result in a denial of service. RedHat UBI is used as base imaged for IBM Robotic Process Automation for Cloud Pak images. This bulletin identifies the fixes required to address this vulnerability...

Siemens SIMATIC S7-1500 and Ruggedcom ROX Devices Inefficient Algorithmic Complexity (CVE-2024-12133)

A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate,...

OESA-2025-2610 gnutls security update

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, and other...

CVE-2025-58187 Quadratic complexity when checking name constraints in crypto/x509

Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains...

Advisory ROSA-SA-2025-3042

Software: gnutls 3.6.16 OS: ROSA Virtualization 3.0 unaffected versions = gnutls-3.6.16-8.0.0.1.rv30.4 affected versions gnutls-3.6.16-8.0.1.1.rv30.4 CVE-ID: CVE-2024-12243 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in GnuTLS when processing ASN.1 data via libtasn1 could result in...

A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing

GNU TLS is vulnerable to a denial-of-service DoS due to inefficient certificate processing in the libtasn1 library. An attacker could present a maliciously crafted certificate that contains a large amount of subject alternative name or name constraint inputs, potentially leading to excessive...

EUVD-2017-14094

Malware in sbrugna...

EUVD-2024-50709

Malicious code in bioql PyPI...

EulerOS 2.0 SP10 : gnutls (EulerOS-SA-2025-2068)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain...

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software SSL/TLS Certificate Denial of Service Vulnerability

A vulnerability in the certificate processing of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service DoS...

PT-2025-33313

Name of the Vulnerable Software and Affected Versions: Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software affected versions not specified Description: A flaw in the SSL/TLS certificate processing can allow a remote, unauthenticated...

CVE-2025-8729 MigoXLab LMeterX upload_service.py process_cert_files path traversal

A vulnerability has been found in MigoXLab LMeterX 1.2.0 and classified as critical. Affected by this vulnerability is the function processcertfiles of the file backend/service/uploadservice.py. The manipulation of the argument taskid leads to path traversal. The attack can be launched remotely...

Astra Linux – Vulnerability in libtasn1-6

A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even cause the system to crash. This flaw allows an attacker to send a specially crafted...