Lucene search
K

4708 matches found

RedHat Linux
RedHat Linux
added 2026/07/07 2:25 p.m.10 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.21.23 bug fix and security update

Red Hat OpenShift Container Platform release 4.21.23 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.21. Red Hat Product Security has rated this update as having a...

9.8CVSS6.8AI score0.01335EPSS
Exploits4References5
RedHat Linux
RedHat Linux
added 2026/07/07 9:57 a.m.10 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.22.4 bug fix and security update

Red Hat OpenShift Container Platform release 4.22.4 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.22. Red Hat Product Security has rated this update as having a...

9.8CVSS6AI score0.0105EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2026/07/06 1:37 p.m.6 views

USN-8502-1: GnuTLS vulnerabilities

It was discovered that GnuTLS had a timing side-channel when processing malformed ciphertexts in RSA-PSK ClientKeyExchange. A remote attacker could possibly use this issue to recover sensitive information. This issue only affected Ubuntu 18.04 LTS. CVE-2024-0553 Bing Shi discovered that GnuTLS...

9.8CVSS7AI score0.01614EPSS
Exploits3
OSV
OSV
added 2026/07/02 10:17 a.m.5 views

RHSA-2026:34372 Red Hat Security Advisory: gnutls security update

Bulletin has no description...

7.5CVSS5.7AI score0.01335EPSS
Exploits0References16
RedHat Linux
RedHat Linux
added 2026/07/01 6:54 p.m.6 views

gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/01 6:54 p.m.6 views

gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...

7.5CVSS6.1AI score0.01263EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/07/01 6:54 p.m.6 views

gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment

A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service...

9.1CVSS5.7AI score0.00805EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/07/01 6:54 p.m.7 views

Important: Red Hat Security Advisory: gnutls security update

An update for gnutls is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.1CVSS6AI score0.01335EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/30 3:50 p.m.9 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.22.3 bug fix and security update

Red Hat OpenShift Container Platform release 4.22.3 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.22. Red Hat Product Security has rated this update as having a...

7.8CVSS7.3AI score0.01335EPSS
Exploits11References3
OSV
OSV
added 2026/06/30 10:49 a.m.4 views

RHSA-2026:33125 Red Hat Security Advisory: gnutls and libtasn1 security update

Bulletin has no description...

8.2CVSS6.6AI score0.01335EPSS
Exploits2References68
OSV
OSV
added 2026/06/30 10:49 a.m.4 views

RHSA-2026:32962 Red Hat Security Advisory: gnutls security update

Bulletin has no description...

8.2CVSS7AI score0.01335EPSS
Exploits1References62
RedHat Linux
RedHat Linux
added 2026/06/29 3:13 p.m.6 views

gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier URI or Service SRV Subject Alternative Names SANs. This could cause the certificate validation process to incorrectly fall back to...

7.1CVSS5.8AI score0.00354EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/29 3:13 p.m.5 views

gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification

A flaw was found in GnuTLS. This vulnerability allows a denial of service DoS by excessive CPU Central Processing Unit and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names SANs...

5.3CVSS6.7AI score0.00638EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/06/29 3:13 p.m.5 views

gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/29 3:13 p.m.12 views

gnutls: gnutls: Authentication Bypass via NUL Character in Username

A flaw was found in gnutls. Servers configured with RSA-PSK Rivest–Shamir–Adleman – Pre-Shared Key wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass...

9.8CVSS5.8AI score0.0105EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/29 3:13 p.m.3 views

gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...

7.5CVSS6.1AI score0.01263EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/29 3:13 p.m.5 views

gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment

A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service...

9.1CVSS5.7AI score0.00805EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/29 3:13 p.m.5 views

gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling

A flaw was found in gnutls. An off-by-one error exists in the PKCS12 bag element bounds check. This vulnerability allows an remote attacker to write past the internal array of a PKCS12 bag when appending to a bag that already contains 32 elements. This memory corruption could lead to a denial of...

5.3CVSS5.8AI score0.00727EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/29 3:13 p.m.5 views

gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name

A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name SAN could cause the validation process to incorrectly fall back to checking the Common Name CN field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to...

8.2CVSS5.8AI score0.00423EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/29 3:13 p.m.6 views

gnutls: gnutls: Security bypass due to incorrect name constraint handling

A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities CAs only had excluded name constraints. A remote attacker could exploit this to bypass critical name constraint checks during certificate...

7.4CVSS5.8AI score0.00475EPSS
Exploits0References5
Rows per page
Query Builder