CVE-2026-32253

Sunshine is a self-hosted game stream host for Moonlight. In versions prior to 2026.516.143833, the client-certificate authentication can be bypassed because of how OpenSSL verification results are handled. In src/crypto.cpp, the custom verify callback treats X509VERRUNABLETOGETISSUERCERTLOCALLY,...

TencentOS Server 4: nss (TSSA-2024:0636)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0636 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm

A flaw was found in Go's crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to...

AZL-37522 CVE-2024-24783 affecting package golang for versions less than 1.21.6-1

Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for...

PT-2024-2139 · Debian +10 · Debian +10

Name of the Vulnerable Software and Affected Versions: crypto/tls versions affected versions not specified golang affected versions not specified Description: The issue arises when verifying a certificate chain that contains a certificate with an unknown public key algorithm, causing...

SUSE SLES15 Security Update : mozilla-nss (SUSE-SU-2023:0130-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0130-1 advisory. - Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the...

SUSE SLES12 Security Update : mozilla-nss (SUSE-SU-2023:0118-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0118-1 advisory. - Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the...

GLSA-202212-05 : Mozilla Network Security Service (NSS): Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202212-05 Mozilla Network Security Service NSS: Multiple Vulnerabilities - NSS Network Security Services versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures...

CVE-2022-3479

A vulnerability found in nss. By this security vulnerability, nss client auth crash without a user certificate in the database and this can lead us to a segmentation fault or crash...

CVE-2022-3479

CVE-2022-3479 is an NSS vulnerability where the client authentication process can crash when no user certificate is present in the database, potentially causing a segmentation fault. The connected Nessus advisories (Ubuntu USN-5892-1 and SUSE advisories) note NSS-related fixes and recommend updat...

CVE-2022-3479

A vulnerability found in nss. By this security vulnerability, nss client auth crash without a user certificate in the database and this can lead us to a segmentation fault or crash...

CVE-2022-3479

A vulnerability found in nss. By this security vulnerability, nss client auth crash without a user certificate in the database and this can lead us to a segmentation fault or crash...