Lucene search
K

1766 matches found

RedHat Linux
RedHat Linux
added yesterday2 views

crypto/x509: Incorrect enforcement of email constraints in crypto/x509

A certificate validation flaw has been discovered in the golang crypto/x509 module. When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly...

7.5CVSS6.9AI score0.00606EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added yesterday3 views

Important: Red Hat Security Advisory: Red Hat OpenStack Services on OpenShift 18.0 (golang-github-openstack-k8s-operators-os-diff) security update

An update for golang-github-openstack-k8s-operators-os-diff is now available for Red Hat OpenStack Services on OpenShift 18.0 Antelope. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...

8.8CVSS6.8AI score0.00813EPSS
Exploits2References11
RedHat Linux
RedHat Linux
added last week10 views

netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement

A flaw was found in Netty. Netty's DNS Domain Name System codec does not properly enforce domain name constraints as defined in RFC 1035 during both encoding and decoding processes. This vulnerability allows a remote attacker to exploit the decoder using malicious DNS responses or exploit the...

9.1CVSS6.9AI score0.00969EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/07/09 5:35 a.m.6 views

golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions

A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the...

9.1CVSS6AI score0.00525EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/07/08 4:38 p.m.3 views

tomcat: security constraint bypass with HTTP/0.9

A flaw was found in Tomcat. An improper input validation vulnerability allows an attacker to bypass security constraints. Specifically, if a security constraint is configured to permit HEAD requests to a URI but deny GET requests, a malformed or specification invalid HEAD request using the HTTP/0...

6.5CVSS7AI score0.00494EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/08 3:52 p.m.4 views

crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application

A flaw was found in the crypto/x509 package within Go golang. When verifying a certificate chain, excluded DNS Domain Name System constraints are not correctly applied to wildcard DNS Subject Alternative Names SANs if the case of the SAN differs from the constraint. This oversight could allow an...

8.8CVSS7AI score0.0034EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/07/08 3:52 p.m.3 views

crypto/x509: Incorrect enforcement of email constraints in crypto/x509

A certificate validation flaw has been discovered in the golang crypto/x509 module. When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly...

7.5CVSS7AI score0.00606EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/07/08 2:47 p.m.4 views

CVE-2026-55956

A flaw was found in Apache Tomcat where access control rules for the default servlet are improperly handled. An attacker can exploit this issue to bypass specific HTTP method restrictions, potentially gaining unauthorized access to protected application resources. Mitigation Review your...

6.5CVSS5.9AI score0.0041EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/07 11:1 a.m.32 views

CVE-2026-11340 Authorization Bypass in HAVELSAN's Open Source Project Liman MYS

Missing Authorization vulnerability in HAVELSAN Inc. Liman MYS allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Liman MYS: before release.Master.1107...

8.3CVSS0.00195EPSS
Exploits0References1
OSV
OSV
added 2026/07/06 4:18 p.m.4 views

BIT-TOMCAT-2026-55956 Apache Tomcat: Security constraints for default servlet ignored method

Improper Authorization vulnerability in Apache Tomcat leads to security constraints specified for the default servlet ignoring any method or method omission configured as part of the constraint. This issue affects Apache Tomcat: from 11.0.0 through 11.0.22, from 10.1.0 through 10.1.55, from 9.0.0...

6.5CVSS5.9AI score0.0041EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/03 8:19 p.m.7 views

CVE-2026-22547

Gitea versions before 1.25.5 lack validation constraints for repository creation fields, including length-limited template fields and trust model or object format values...

5.9AI score0.00373EPSS
Exploits0References5
CVE
CVE
added 2026/07/02 12:34 p.m.18 views

CVE-2026-58653

CVE-2026-58653 affects PraisonAI prior to 0.1.7, where issue creation/update does not validate that project_id matches the URL workspace. This allows an attacker to reference projects from other workspaces, causing cross-tenant data pollution in project statistics aggregation without workspace co...

5.3CVSS5.8AI score0.00158EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/07/01 7:58 p.m.5 views

NPM: sigstore's `certificateOIDs` verification constraints are silently dropped and never enforced

NPM: sigstore's certificateOIDs verification constraints are silently dropped and never enforced vulnerability discovered by ? in WordPress Npm sigstore versions = 4.1.0...

7.5CVSS5.9AI score0.0019EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/07/01 7:58 p.m.6 views

Improper Verification of Cryptographic Signature

Overview @sigstore/verify is a Verification of Sigstore signatures Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to the certificateOIDs option being accepted by the public API but discarded before verification, resulting in required...

8.7CVSS5.9AI score0.0019EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/07/01 5:32 p.m.5 views

crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application

A flaw was found in the crypto/x509 package within Go golang. When verifying a certificate chain, excluded DNS Domain Name System constraints are not correctly applied to wildcard DNS Subject Alternative Names SANs if the case of the SAN differs from the constraint. This oversight could allow an...

8.8CVSS5.8AI score0.0034EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/07/01 4:32 p.m.8 views

CVE-2026-56152

Incorrect Authorization CWE-863 in Elastic Defend can lead to unauthorized information disclosure via Accessing Functionality Not Properly Constrained by ACLs CAPEC-1. Under certain conditions, a low-privileged authenticated user can access response action data that they are not authorized to vie...

5.3CVSS5.8AI score0.00181EPSS
Exploits0References2Affected Software1
SUSE CVE
SUSE CVE
added 2026/07/01 3:15 a.m.6 views

SUSE CVE-2026-55276

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints were not included when the effective web.xml was logged. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

3.3CVSS6AI score0.00368EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/07/01 3:15 a.m.4 views

SUSE CVE-2026-55956

Improper Authorization vulnerability in Apache Tomcat leads to security constraints specified for the default servlet ignoring any method or method omission configured as part of the constraint. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...

6.5CVSS5.9AI score0.0041EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.8 views

PT-2026-55204

Name of the Vulnerable Software and Affected Versions sigstore-js versions prior to 4.1.1 Description The certificateOIDs option in the sigstore.verify function is accepted by the public API but discarded before the verification process occurs. Consequently, required certificate extension Object...

7.5CVSS6.1AI score0.0019EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/30 7:49 a.m.16 views

CVE-2026-55276

A flaw was found in Apache Tomcat. Due to an always-incorrect control flow implementation, special roles and empty authorization constraints were not accurately included when the effective web.xml configuration was logged. This could lead to a security oversight where administrators might...

9.1CVSS5.8AI score0.00368EPSS
Exploits0References4
Rows per page
Query Builder