944 matches found
EUVD-2026-31390
golang.org/x/crypto/ssh/agent doesn't drop invoking agent constraints when forwarding keys...
CVE-2026-6731
X.509 name constraint bypass via the Subject Common Name when treated as a DNS-type name. A certificate whose Subject CN violates an issuing CA's DNS name constraints could be accepted...
CVE-2026-10592
Certificates with wildcard DNS SANs e.g. .example.com bypassed CA name-constraint checks. A certificate with a wildcard DNS SAN that should be rejected by the issuing CA's permitted/excluded DNS name constraints could be accepted...
EUVD-2026-39555
X.509 name constraint bypass via the Subject Common Name when treated as a DNS-type name. A certificate whose Subject CN violates an issuing CA's DNS name constraints could be accepted...
CVE-2026-6731 X.509 name constraint bypass via Subject CN treated as a DNS name
X.509 name constraint bypass via the Subject Common Name when treated as a DNS-type name. A certificate whose Subject CN violates an issuing CA's DNS name constraints could be accepted...
CVE-2026-6731
X.509 name constraint bypass via the Subject Common Name when treated as a DNS-type name. A certificate whose Subject CN violates an issuing CA's DNS name constraints could be accepted...
CVE-2026-10592
Certificates with wildcard DNS SANs e.g. .example.com bypassed CA name-constraint checks. A certificate with a wildcard DNS SAN that should be rejected by the issuing CA's permitted/excluded DNS name constraints could be accepted...
CVE-2026-10592 Wildcard DNS SAN bypasses CA name-constraint checks
Certificates with wildcard DNS SANs e.g. .example.com bypassed CA name-constraint checks. A certificate with a wildcard DNS SAN that should be rejected by the issuing CA's permitted/excluded DNS name constraints could be accepted...
PT-2026-52589
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A flaw exists where X.509 name constraints can be bypassed when the Subject Common Name is treated as a DNS-type name. This allows a certificate to be accepted...
Important: Red Hat Security Advisory: Red Hat build of Cryostat security update
An update is now available for the Red Hat build of Cryostat 4 on RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net/sched: It has been ensured that teql can only be used as a root qdisc. The design intention of teql is that it should only be used as a root qdisc. Therefore, we need to ensure this constraint is respected. Although not very...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: perf/x86: Fixed the potential issue with bad containerof in intelpmuhwconfig. The auto counter reload may involve a group of events, some of which are software-related. The software event related to the PMU is not equivalent t...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: Avoid division by zero in applyconstrainttosize The step variable is initialized to zero. It is changed during the loop, but if it isn’t changed, it will remain zero. Add a variable check before the division...
CVE-2025-31272
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app may be able to bypass launch constraint protections and execute malicious code with elevated privileges...
FreeBSD : Erlang/OTP -- TLS distribution check_ip flag does not enforce same-LAN constraint (d87e5fb4-64d4-11f1-ab11-4c526214c986)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the d87e5fb4-64d4-11f1-ab11-4c526214c986 advisory. https://github.com/erlang/otp/security/advisories/GHSA-gp7x-mfv6-52cv reports: Erlang distribution over...
Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.33.2 release and security update
An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...
Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.27.4 release and security update
An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...
Fedora 43 : pcs (2026-c0f7d885ee)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-c0f7d885ee advisory. - Updated standalone web UI and HA Cluster Management Cockpit application to pcs-web-ui 0.1.24.3 see CHANGELOGWUI.md - Fixed a crash when running pcs...
Fedora 44 : pcs (2026-d420bebe72)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-d420bebe72 advisory. - Updated standalone web UI and HA Cluster Management Cockpit application to pcs-web-ui 0.1.24.3 see CHANGELOGWUI.md - Fixed a crash when running pcs...
USN-8401-1: Netty vulnerabilities
It was discovered that Netty's HTTP proxy handler did not properly validate headers when constructing CONNECT requests. An attacker could possibly use this issue to inject arbitrary HTTP headers into CONNECT requests. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS,...