CVE-2026-13325

A flaw was found in KubeVirt's migration proxy. When spec.configuration.migrations.disableTLS is set to true on the KubeVirt custom resource, the target virt-handler binds a plain TCP listener on all interfaces 0.0.0.0/:: on a random port with no authentication, peer allow-list, or handshake toke...

EUVD-2026-39645

A flaw was found in KubeVirt's migration proxy. When spec.configuration.migrations.disableTLS is set to true on the KubeVirt custom resource, the target virt-handler binds a plain TCP listener on all interfaces 0.0.0.0/:: on a random port with no authentication, peer allow-list, or handshake toke...

PT-2025-20232 · Syslog-Ng +1 · Syslog-Ng +1

Name of the Vulnerable Software and Affected Versions: syslog-ng versions prior to 4.8.2 syslog-ng version 3.28.1-2+deb11u2 and earlier for Debian 11 bullseye Description: syslog-ng is an enhanced log daemon. Prior to version 4.8.2, tls wildcard match matches on certificates such as foo..bar...

CLSA-2022-1667495676 java-1.8.0-openjdk: Fix of 4 CVEs

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u352-b08. That fixes following CVEs: - CVE-2022-21619: Improper handling of long NTLM client hostnames - CVE-2022-21624: Insufficient randomization of JNDI DNS port numbers - CVE-2022-21626: Excessive memory allocation in X.509 certificate...

How to disable the tls1.1 and tls1.0 by SSL Profile

This article is to record a method to disable the specific tls version by SSL Profile for SSL Vserver...

OPENSUSE-SU-2020:2327-1 Security update for ceph

This update for ceph fixes the following issues: Security issue fixed: - CVE-2020-27781: Fixed a privilege escalation via the cephvolumeclient Python interface bsc1180155, bsc1179802. Non-security issues fixed: - Update to 15.2.8-80-g1f4b6229ca: + Rebase on tip of upstream 'octopus' branch, SHA1...