Lucene search
K

11 matches found

Ubuntu
Ubuntu
added 2026/06/22 5:23 p.m.4 views

USN-8447-3: Google Guest Agent vulnerabilities

USN-8447-1 fixed vulnerabilities in Go Cryptography. This update provides the corresponding updates for Go Cryptography code embedded in Google Guest Agent. Original advisory details: It was discovered that Go Cryptography did not properly handle SSH global request responses. A remote attacker...

10CVSS6.2AI score0.005EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.5 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS : Go Cryptography vulnerabilities (USN-8447-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8447-1 advisory. It was discovered that Go Cryptography did not properly handle SSH global request responses. ...

10CVSS6.2AI score0.005EPSS
Exploits0References8
OSV
OSV
added 2026/06/17 1:43 p.m.4 views

USN-8447-1 golang-go.crypto vulnerabilities

It was discovered that Go Cryptography did not properly handle SSH global request responses. A remote attacker could possibly use this issue to cause a denial of service. CVE-2026-39830 It was discovered that Go Cryptography did not properly verify user presence when using FIDO/U2F security keys...

10CVSS5.7AI score0.005EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.4 views

PT-2026-26369

Summary AWS-LC is an open-source, general-purpose cryptographic library. Impact A logic error in CRL distribution point matching in AWS-LC allows a revoked certificate to bypass revocation checks during certificate validation, when the application enables CRL checking and uses partitioned CRLs wi...

9.1CVSS5.9AI score0.00252EPSS
Exploits0References16
SUSE Linux
SUSE Linux
added 2026/03/13 8:57 a.m.5 views

Security update for tomcat10

This update for tomcat10 fixes the following issues: Update to Tomcat 10.1.52: CVE-2025-66614: client certificate verification bypass due to virtual host mapping bsc1258371. CVE-2026-24733: improper input validation on HTTP/0.9 requests bsc1258385. CVE-2026-24734: certificate revocation bypass du...

8.7CVSS5.7AI score0.00498EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-5030

Malware in sbrugna...

4.3CVSS6.3AI score0.009EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/06/05 2:16 p.m.5 views

openssl: X.400 address type confusion in X.509 GeneralName

A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled for example, the application sets the X509VFLAGCRLCHECK flag, this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call,...

7.4CVSS6.8AI score0.59501EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/06/05 11:46 a.m.4 views

openssl: X.400 address type confusion in X.509 GeneralName

A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled for example, the application sets the X509VFLAGCRLCHECK flag, this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call,...

7.4CVSS6.8AI score0.59501EPSS
Exploits0References5
OSV
OSV
added 2023/02/08 8:15 p.m.5 views

AZL-13564 CVE-2023-0286 affecting package openssl for versions less than 1.1.1k-21

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...

7.4CVSS6.9AI score0.59501EPSS
Exploits0References1
OSV
OSV
added 2023/02/07 12:0 a.m.1 views

UBUNTU-CVE-2023-0286

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...

7.4CVSS6.9AI score0.59501EPSS
Exploits0References8
Prion
Prion
added 2013/10/24 3:48 a.m.21 views

Design/Logic Flaw

Smart Card Services in Apple Mac OS X before 10.9 does not properly implement certificate-revocation checks, which allows remote attackers to cause a denial of service Smart Card usage outage by interfering with the revocation-check procedure...

4.3CVSS6.7AI score0.009EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder