69 matches found
Important: Red Hat Security Advisory: gnutls and libtasn1 security update
An update for multiple packages is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...
RHEL 9 : gnutls (RHSA-2026:32962)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:32962 advisory. The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such a...
RHEL 10 : gnutls (RHSA-2026:26409)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26409 advisory. The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such ...
CVE-2026-41719
A flaw was found in Spring Data KeyValue. This vulnerability, known as a Spring Expression Language SpEL Injection, allows a remote attacker with low privileges to execute arbitrary expressions. This occurs when unsanitized user input is passed as a sorting parameter into a repository query metho...
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements used in an Expression Language Statement 'Expression Language Injection' in the SpelPropertyComparator function. An attacker can execute arbitrary SpEL expressions by supplying crafted input t...
CVE-2026-41719 Spring Data KeyValue - SpEL Injection vulnerability in SpelPropertyComparator
A SpEL Injection vulnerability exists in the Spring Data KeyValue if unsanitized user input is passed as Sort into a repository query method that delegates evaluation to the SpelPropertyComparator. Affected versions: Spring Data KeyValue / Spring Data Redis 4.0.0 through 4.0.5; 3.5.0 through...
RLSA-2026:20611 Important: gnutls security update
Please update the gnutls packages to provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: Add more checks to DTLS reassembly CVE-2026-33846 gnutls: Fix qsort comparator in DTLS reassemb...
RockyLinux 8 : gnutls (RLSA-2026:20611)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:20611 advisory. gnutls: Add more checks to DTLS reassembly CVE-2026-33846 gnutls: Fix qsort comparator in DTLS reassembly CVE-2026-42009 gnutls: Fix crashing on an...
AlmaLinux 8 : gnutls (ALSA-2026:20611)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:20611 advisory. gnutls: Add more checks to DTLS reassembly CVE-2026-33846 gnutls: Fix qsort comparator in DTLS reassembly CVE-2026-42009 gnutls: Fix crashing on an...
Amazon Linux 2023 : gnutls, gnutls-c++, gnutls-dane (ALAS2023-2026-1757)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1757 advisory. GnuTLS didn't check that DTLS fragments claimed a consistent messagelength value. Additionally, a crucial array size check was missing, enabling an attacker to cause a heap overwrite...
Important: gnutls security update
Please update the gnutls packages to provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: Add more checks to DTLS reassembly CVE-2026-33846 gnutls: Fix qsort comparator in DTLS reassemb...
Undefined Behavior for Input to API
Overview Affected versions of this package are vulnerable to Undefined Behavior for Input to API in the comparator function responsible for ordering Datagram Transport Layer Security DTLS packets by sequence numbers. An attacker can cause unstable packet ordering or undefined behavior by sending...
curl: Credentials forwarded to HTTP after HTTPS→HTTP same-port redirect — url_set_data_creds uses scheme-blind comparator
Hi all, The recent creds: hold credentials refactor — commit 8f71d0fde5 2026-05-11 https://github.com/curl/curl/commit/8f71d0fde5 — introduced a credential-leak regression on HTTPS→HTTP same-port redirects. -u user:pass and --oauth2-bearer both end up in cleartext after a 302 from https://h:N/ to...
Notesnook 代码注入漏洞
Notesnook is an end-to-end encrypted note application developed by Streetwriters. Versions of Notesnook Web/Desktop prior to 3.3.11 contained a code injection vulnerability. This vulnerability originated from a cross-site scripting vulnerability stored in the note history comparator, which could...
CVE-2026-27832 Group-Office Has Authenticated SQL Injection in advancedQueryData.comparator
Group-Office is an enterprise customer relationship management and groupware tool. Versions prior to 26.0.8, 25.0.87, and 6.8.153 have a SQL Injection SQLi vulnerability, exploitable through the advancedQueryData parameter comparator field on an authenticated endpoint. The endpoint...
CVE-2026-27832 Group-Office Has Authenticated SQL Injection in advancedQueryData.comparator
Group-Office is an enterprise customer relationship management and groupware tool. Versions prior to 26.0.8, 25.0.87, and 6.8.153 have a SQL Injection SQLi vulnerability, exploitable through the advancedQueryData parameter comparator field on an authenticated endpoint. The endpoint...
CVE-2026-27832 Group-Office Has Authenticated SQL Injection in advancedQueryData.comparator
Group-Office is an enterprise customer relationship management and groupware tool. Versions prior to 26.0.8, 25.0.87, and 6.8.153 have a SQL Injection SQLi vulnerability, exploitable through the advancedQueryData parameter comparator field on an authenticated endpoint. The endpoint...
CVE-2026-27832
Group-Office (enterprise CRM/groupware) is affected by an authenticated SQL Injection in the advancedQueryData parameter (comparator) on index.php?r=email/template/emailSelection. Pre-fix versions 26.0.8, 25.0.87, and 6.8.153 process advancedQueryData with a weak allowlist, enabling blind boolean...
mruby array.c sort_cmp use after free
...
EUVD-2025-32546
Bucket is a MediaWiki extension to store and retrieve structured data on articles. Prior to version 1.0.0, infinite recursion can occur if a user queries a bucket using the != comparator. This will result in PHP's call stack limit exceeding, and/or increased memory consumption, potentially leadin...