CVE-2026-43114

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapoavx2: don't return non-matching entry on expiry New test case fails unexpectedly when avx2 matching functions are used. The test first loads a ranomly generated pipapo set with 'ipv4 . port' key, i.e. nft -...

OpenAEV 安全漏洞

OpenAEV is an open-source personal planning platform under the OpenAEV Platform project. Versions of OpenAEV from 1.0.0 to 2.0.13 contained security vulnerabilities. This vulnerability stemmed from the fact that password reset tokens did not expire and had a length of only 8 bits. This allowed...

SUSE CVE-2026-24122

Cosign provides code signing and transparency for containers and binaries. In versions 3.0.4 and below, an issuing certificate with a validity that expires before the leaf certificate will be considered valid during verification even if the provided timestamp would mean the issuing certificate...

CVE-2026-24122 Cosign Certificate Chain Expiry Validation Issue Allows Issuing Certificate Expiry to Be Overlooked

Cosign provides code signing and transparency for containers and binaries. In versions 3.0.4 and below, an issuing certificate with a validity that expires before the leaf certificate will be considered valid during verification even if the provided timestamp would mean the issuing certificate...

SUSE CVE-2025-64708

authentik is an open-source Identity Provider. Prior to versions 2025.8.5 and 2025.10.2, in previous authentik versions, invitations were considered valid regardless if they are expired or not, thus relying on background tasks to clean up expired ones. In a normal scenario this can take up to 5...

EUVD-2020-7202

Malware in sbrugna...

wire-webapp 安全漏洞

wire-webapp is an open source application from Wire Swiss. A security vulnerability exists in wire-webapp versions prior to 2025-05-20-production.0, which stems from a session not being expired correctly, which could lead to automatic re-logins...

CVE-2025-2291

Password can be used past expiry in PgBouncer due to authquery not taking into account Postgres its VALID UNTIL value, which allows an attacker to log in with an already expired password...

EulerOS 2.0 SP12 : curl (EulerOS-SA-2025-1170)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2025-1151)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the pvrdma_realize function in the PVRDMA virtual network adapter allows a hacker to induce a service failure.

The vulnerability of the pvrdmarealize function in the PVRDMA virtual network adapter emulator for hardware emulation software QEMU is related to deficiencies in resource release after the expiration of its useful lifespan. Exploiting this vulnerability can allow an attacker to cause a service...

SUSE-SU-2019:0888-2 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2018-17199: A bug in Apache's 'modsessioncookie' lead to an issue where the module did not respect a cookie's expiry time. bsc1122839 CVE-2019-0220: The Apache HTTP server did not use a consistent strategy for URL normalization throughout...

Security update for apache2 (moderate)

openSUSE Security Update: Security update for apache2 Announcement ID: openSUSE-SU-2019:0305-1 Rating: moderate References: 1121086 1122838 1122839 Cross-References: CVE-2018-17189 CVE-2018-17199 Affected Products: openSUSE Leap 42.3 An update that solves two vulnerabilities and has one errata is...

SUSE SLED15 / SLES15 Security Update : apache2 (SUSE-SU-2019:0504-1)

This update for apache2 fixes the following issues : Security issues fixed : CVE-2018-17189: Fixed a denial of service in modhttp2, via slow and unneeded request bodies bsc1122838 CVE-2018-17199: Fixed that modsessioncookie did not respect expiry time bsc1122839 Non-security issue fixed:...