96 matches found
EUVD-2026-41207
Description: To issue and renew TLS certificates on behalf of customers, Cloudflare's Universal SSL feature automatically manages the CAA RRset for the customer's zone. This auto-managed RRset is permissive by design e.g. 'issue "letsencrypt.org"' without parameters. On Universal SSL zones,...
CVE-2026-14440
Description: To issue and renew TLS certificates on behalf of customers, Cloudflare's Universal SSL feature automatically manages the CAA RRset for the customer's zone. This auto-managed RRset is permissive by design e.g. 'issue "letsencrypt.org"' without parameters. On Universal SSL zones,...
CVE-2026-14440
Description: To issue and renew TLS certificates on behalf of customers, Cloudflare's Universal SSL feature automatically manages the CAA RRset for the customer's zone. This auto-managed RRset is permissive by design e.g. 'issue "letsencrypt.org"' without parameters. On Universal SSL zones,...
CVE-2026-44903 vulnerabilities
Vulnerabilities for packages: minio-operator, jaeger, cloud-sql-proxy, certificate-transparency, node-problem-detector, opentelemetry-collector-contrib, minio, telegraf, datadog-agent, mc, metrics-server, splunk-otel-collector, opentelemetry-operator, opentelemetry-collector,...
CVE-2026-44903 vulnerabilities
Vulnerabilities for packages: jaeger, trillian, nrdot-collector-k8s, minio-object-browser, opentelemetry-collector-contrib, opentelemetry-collector-contrib-fips, karma-fips, node-problem-detector, google-cloud-otel-ops-collector, datadog-agent-fips, beats, metrics-server-fips, ld-relay-fips, keda...
CVE-2026-41889 vulnerabilities
Vulnerabilities for packages: harbor, pgwatch, opentelemetry-collector-contrib, step-fips, gotrue-fips, spire-server, temporal-server-fips, cloudprober, azure-service-operator-fips, certificate-transparency-fips, temporal-server, jitsucom-bulker, rke2-cloud-provider, azure-service-operator, kots,...
Google's Android Apps Get Public Verification to Stop Supply Chain Attacks
Google has announced expanded Binary Transparency for Android as a way to safeguard the ecosystem from supply chain attacks. "This new public ledger ensures the Google apps on your device are exactly what we intended to build and distribute," Google's product and security teams said. The initiati...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: gcp-compute-persistent-disk-csi-driver, configmap-reload, croc, mockery, k8ssandra-operator, openbao-k8s, authservice, neuvector-dbgen, telegraf, cluster-autoscaler, manifest-tool, kube-arangodb, mountpoint-s3-csi-driver, terraform-provider-aws, azure-service-operato...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: gcp-compute-persistent-disk-csi-driver, grpcurl, kube-vip, lazydocker, modelmesh-runtime-adapter, sftpgo-plugin-geoipfilter, pulumi-language-yaml, snyk-cli, rancher-fleet, sriov-network-device-plugin, xeol, certificate-transparency, k8ssandra-operator, caddy,...
CLEANSTART-2026-YR14817 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-68119, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 1.3.2-r0
Multiple security vulnerabilities affect the certificate-transparency-trillian-ctserver package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-24122
Cosign
GHSA-FW7P-63QQ-7HPR vulnerabilities
Vulnerabilities for packages: db-operator, temporal-server, trufflehog, croc, terragrunt, envoy-gateway, spire-server, spicedb, seaweedfs, certificate-transparency, ksops, nuclei, wolfictl, age, step-ca, nri-mysql, caddy, minio, apko, juicefs, ratify, sftpgo-plugin-eventstore, sqlexporter,...
Astra Linux – Vulnerability in gnutls28
A heap-buffer-overread vulnerability was discovered in GnuTLS regarding its handling of the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...
Siemens SIMATIC S7-1500 Improper Certificate Validation (CVE-2025-32989)
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...
Security Bulletin: Allocation of resources without limits, heap-buffer-overread, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service
Summary IBM Storage Defender - Resiliency service is vulnerable to allocation of resources without limits, heap-buffer-overread, and others. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-32988 DESCRIPTION: A flaw was found in GnuTLS. A double-free vulnerability...
EUVD-2017-2993
Malware in sbrugna...
gnutls: Vulnerability in GnuTLS SCT extension parsing
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...
gnutls: Vulnerability in GnuTLS SCT extension parsing
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...
EUVD-2025-20927
Malicious code in bioql PyPI...
gnutls: Vulnerability in GnuTLS SCT extension parsing
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...