141 matches found
Security Bulletin: Multiple vulnerabilities affect IBM Cloud Pak System
Summary Multiple vulnerabilities affect IBM Cloud Pak System. These vulnerabilties have been addressed with IBM Cloud Pak System 2.3.5.1. Vulnerability Details CVEID:CVE-2025-9230 DESCRIPTION: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption c...
RLSA-2026:30844 Moderate: mod_md security update
This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal. Security Fixes: httpd:...
ALSA-2026:30845 Moderate: mod_md security update
This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal. Security Fixes: httpd:...
GO-2026-5564 Open Cluster Management (OCM): Cross-cluster privilege escalation via improper Kubernetes client certificate renewal validation in open-cluster-management.io/ocm
Open Cluster Management OCM: Cross-cluster privilege escalation via improper Kubernetes client certificate renewal validation in open-cluster-management.io/ocm...
[SECURITY] Fedora 44 Update: mod_md-2.6.11-2.fc44
This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal...
PT-2026-33881
Name of the Vulnerable Software and Affected Versions OpenBao versions prior to 2.5.3 Description The Certificate authentication method contains a flaw during token renewal when disable binding=true is configured. The system incorrectly verifies if the mTLS certificate presented during a renewal...
Ubuntu 18.04 LTS / 20.04 LTS : Dogtag PKI vulnerability (USN-8158-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8158-1 advisory. Fraser Tweedale and Geetika Kapoor discovered that Dogtag PKI could renew a certificate without proper authentication. An attacker could possibly use...
Ubuntu: Security Advisory (USN-8158-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-8158-1 dogtag-pki vulnerability
Fraser Tweedale and Geetika Kapoor discovered that Dogtag PKI could renew a certificate without proper authentication. An attacker could possibly use this to repeatedly renew a compromised certificate and maintain unauthorized access to a system or resource...
USN-8158-1: Dogtag PKI vulnerability
Fraser Tweedale and Geetika Kapoor discovered that Dogtag PKI could renew a certificate without proper authentication. An attacker could possibly use this to repeatedly renew a compromised certificate and maintain unauthorized access to a system or resource...
CVE-2026-4740
A flaw was found in Open Cluster Management OCM, the technology underlying Red Hat Advanced Cluster Management ACM. Improper validation of Kubernetes client certificate renewal allows a managed cluster administrator to forge a client certificate that can be approved by the OCM controller. This...
CVE-2026-4740 Rhacm: open cluster management (ocm): cross-cluster privilege escalation via improper kubernetes client certificate renewal validation
A flaw was found in Open Cluster Management OCM, the technology underlying Red Hat Advanced Cluster Management ACM. Improper validation of Kubernetes client certificate renewal allows a managed cluster administrator to forge a client certificate that can be approved by the OCM controller. This...
CVE-2026-4740 Rhacm: open cluster management (ocm): cross-cluster privilege escalation via improper kubernetes client certificate renewal validation
A flaw was found in Open Cluster Management OCM, the technology underlying Red Hat Advanced Cluster Management ACM. Improper validation of Kubernetes client certificate renewal allows a managed cluster administrator to forge a client certificate that can be approved by the OCM controller. This...
CVE-2026-4740
CVE-2026-4740 affects Open Cluster Management (OCM), the tech behind Red Hat ACM. The issue is improper validation of Kubernetes client certificate renewal, which can let a managed-cluster admin forge a client certificate accepted by the OCM controller. This enables cross-cluster privilege escala...
USN-7968-2 apache2 regression
USN-7968-1 fixed vulnerabilities in Apache HTTP Server. The update introduced a regression in modmd where the MDStapleOthers setting was ignored which resulted in OCSP being broken for some domains. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It w...
USN-7968-2: Apache HTTP Server regression
USN-7968-1 fixed vulnerabilities in Apache HTTP Server. The update introduced a regression in modmd where the MDStapleOthers setting was ignored which resulted in OCSP being broken for some domains. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It w...
OESA-2026-1529 httpd security update
Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: An integer overflow vulnerability was found in Apache HTTP Server versions 2.4.30 to 2.4.66. In case of failed ACME certificate renewal, after a number of failures 30 days in default configurations, the...
March 2, 2026—KB5082314 (OS Build 20348.4776) Out-of-band
March 2, 2026—KB5082314 OS Build 20348.4776 Out-of-band This out-of-band update for Windows Server 2022 KB5082314 is cumulative. It includes updates from previous security updates, along with an additional fix. To learn more about differences between security updates, optional non-security previe...
mod_md: Apache HTTP Server: mod_md (ACME), unintended retry intervals
An integer overflow flaw has been discovered in the Apache HTTP server. The integer overflow in the case of failed ACME certificate renewal leads, after a number of failures 30 days in default configurations, to the backoff timer becoming 0. Attempts to renew the certificate then are repeated...
mod_md: Apache HTTP Server: mod_md (ACME), unintended retry intervals
An integer overflow flaw has been discovered in the Apache HTTP server. The integer overflow in the case of failed ACME certificate renewal leads, after a number of failures 30 days in default configurations, to the backoff timer becoming 0. Attempts to renew the certificate then are repeated...