Lucene search
+L

11 matches found

cve
cve
added 2026/06/29 8:42 p.m.18 views

CVE-2026-13758

CVE-2026-13758 affects CryptX for Perl versions before 0.088_001. The vulnerability stems from a non-constant-time comparison of AEAD authentication tags in the streaming decrypt_done path, using memNE (memcmp() != 0). The run time varies with the number of matching leading bytes across all five ...

3.7CVSS5.8AI score0.00295EPSS
Exploits0References3
nessus
nessus
added 2026/06/19 12:0 a.m.7 views

EulerOS Virtualization 2.10.0 : kernel (EulerOS-SA-2026-2430)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : xfrm: esp: avoid in-place decrypt on shared skb fragsCVE-2026-43284 crypto: algifaead - Revert to operating...

8.8CVSS7.1AI score0.96267EPSS
Exploits257References3
nessus
nessus
added 2026/06/16 12:0 a.m.8 views

EulerOS Virtualization 2.11.0 : kernel (EulerOS-SA-2026-2427)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : xfrm: esp: avoid in-place decrypt on shared skb fragsCVE-2026-43284 crypto: algifaead - Revert to operating...

8.8CVSS7.1AI score0.96267EPSS
Exploits257References3
osv
osv
added 2026/05/18 6:11 a.m.5 views

SUSE-SU-2026:21763-1 Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.6.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...

8.8CVSS5.8AI score0.93235EPSS
Exploits31References3
nessus
nessus
added 2026/05/16 12:0 a.m.10 views

openSUSE 15 Security Update : kernel (SUSE-SU-2026:1840-2)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1840-2 advisory. The SUSE Linux Enterprise 15 SP6 kernel was updated to fix the following issue: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb fra...

8.8CVSS6.1AI score0.93235EPSS
Exploits33References7
osv
osv
added 2026/05/14 6:30 a.m.6 views

SUSE-SU-2026:21650-1 Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-28.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...

8.8CVSS6.1AI score0.93235EPSS
Exploits31References3
nessus
nessus
added 2026/05/09 12:0 a.m.23 views

Amazon Linux 2023 : bpftool6.18, kernel6.18, kernel6.18-devel (ALAS2023-2026-1693)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1693 advisory. In the Linux kernel, the following vulnerability has been resolved: afunix: Give up GC if MSGPEEK intervened. CVE-2026-23394 In the Linux kernel, the following vulnerability has been resolved:...

9.8CVSS6.8AI score0.93235EPSS
Exploits33References158
nessus
nessus
added 2026/01/31 12:0 a.m.6 views

SUSE SLES12: libopenssl-1_0_0-devel / libopenssl-1_0_0-devel-32bit / etc (SUSE-SU-2026:0333-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0333-1 advisory. - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69420: Missing ASN1TYPE validation in...

7.5CVSS6.7AI score0.00844EPSS
Exploits1References13
osv
osv
added 2025/04/07 8:27 a.m.11 views

SUSE-SU-2025:1157-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: - Mozilla Thunderbird ESR 128.9 MFSA 2025-24 bsc1240083 CVE-2025-3028: Use-after-free triggered by XSLTProcessor CVE-2025-3029: URL Bar Spoofing via non-BMP Unicode characters CVE-2025-3030: Memory safety bugs fixed in Firefox 137,...

8.1CVSS8AI score0.00824EPSS
Exploits1References5
redhat
redhat
added 2024/04/18 2:35 a.m.5 views

kernel: tls: use-after-free with partial reads and async decrypt

A use-after-free vulnerability was found in the tls subsystem of the Linux kernel. The tlsdecryptsg function doesn't take references on the pages from clearskb, so the putpage in tlsdecryptdone releases them and a use-after-free can be triggered in processrxlist when trying to read from the...

7.8CVSS6.9AI score0.00254EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2024/03/07 12:0 a.m.7 views

PT-2024-2050

Name of the Vulnerable Software and Affected Versions go-jose versions prior to 2.6.3 go-jose versions prior to 3.0.3 go-jose versions prior to 4.0.1 Description The issue is related to the incorrect handling of highly compressed input data in the go-jose package, which implements the Javascript...

10CVSS8.5AI score0.93305EPSS
Exploits16References305
Rows per page
Query Builder