Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 5 days ago8 views

Linux Distros Unpatched Vulnerability : CVE-2026-6450

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A CRL critical extension bypass exists in ParseCRLExtensions where critical extensions are not properly enforced, allowing a crafted CRL with an unhandled...

5.3CVSS6AI score0.0018EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/25 8:18 p.m.21 views

CVE-2026-6450 CRL critical extension bypass in ParseCRL_Extensions

A CRL critical extension bypass exists in ParseCRLExtensions where critical extensions are not properly enforced, allowing a crafted CRL with an unhandled critical extension to be accepted. This only affects builds with CRL support enabled and where a crafted CRL had a trusted signature when pars...

1CVSS0.0018EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.5 views

PT-2026-52585

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A critical extension bypass exists in the ParseCRL Extensions function. The issue occurs when critical extensions in a Certificate Revocation List CRL—a list of...

5.3CVSS5.8AI score0.0018EPSS
Exploits0References8
NVD
NVD
added 2026/03/19 6:16 p.m.5 views

CVE-2026-3548

Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser when parsing CRL numbers: a heap-based buffer overflow could occur when improperly storing the CRL number as a hexadecimal string, and a stack-based overflow for sufficiently sized CRL numbers. With appropriately crafted CRLs,...

9.8CVSS0.00471EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/03/19 6:16 p.m.3 views

CVE-2026-3548

Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser when parsing CRL numbers: a heap-based buffer overflow could occur when improperly storing the CRL number as a hexadecimal string, and a stack-based overflow for sufficiently sized CRL numbers. With appropriately crafted CRLs,...

9.8CVSS6.1AI score0.00471EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/03/19 5:45 p.m.2 views

CVE-2026-3548 Buffer overflow in CRL number parsing in wolfSSL

Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser when parsing CRL numbers: a heap-based buffer overflow could occur when improperly storing the CRL number as a hexadecimal string, and a stack-based overflow for sufficiently sized CRL numbers. With appropriately crafted CRLs,...

9.2CVSS6.2AI score0.00471EPSS
Exploits1References2
CVE
CVE
added 2026/03/19 5:45 p.m.16 views

CVE-2026-3548

Two concrete vulnerabilities affect the wolfSSL CRL parser: heap-based and stack-based buffer overflows when parsing CRL numbers, triggered by crafted CRLs and only in builds with CRL support enabled. The issue stems from storing the CRL number as a hexadecimal string, enabling out-of-bounds writ...

9.8CVSS6.2AI score0.00471EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/03/19 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-3548

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser when parsing CRL numbers: a heap- based buffer overflow could occur when improperly storin...

9.8CVSS6.1AI score0.00471EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.7 views

PT-2026-26327

Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser when parsing CRL numbers: a heap-based buffer overflow could occur when improperly storing the CRL number as a hexadecimal string, and a stack-based overflow for sufficiently sized CRL numbers. With appropriately crafted CRLs,...

9.2CVSS6.2AI score0.00471EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.24 views

Scientific Linux Security Update : curl on SL5.x i386/x86_64

Wesley Miaw discovered that when deflate compression was used, libcurl could call the registered write callback function with data exceeding the documented limit. A malicious server could use this flaw to crash an application using libcurl or, potentially, execute arbitrary code. Note: This issue...

6.8CVSS7.4AI score0.04408EPSS
Exploits0References7
Rows per page
Query Builder