eclipse-vertx/vert.x: eclipse-vertx/vert.x: Denial of Service via TLS handshake with wildcard server name

A flaw was found in eclipse-vertx/vert.x. A remote attacker can exploit this vulnerability by performing a Transport Layer Security TLS handshake and presenting a server name extension with a server wildcard name. This can lead to a denial of service DoS condition, impacting the availability of t...

gnutls: gnutls: Security bypass allows acceptance of revoked server certificates via crafted OCSP response

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol OCSP response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabl...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/handshake: Duplicate handshake cancellations cause a socket leak. When a handshake request is cancelled, it is removed from the handshakenet-hnrequests list, but it remains in the handshakerhashtbl until it is destroyed. If a...

CVE-2026-3832

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol OCSP response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabl...

CVE-2026-20005

Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to incomplete parsing of the...

CVE-2026-27848

Due to missing neutralization of special elements, OS commands can be injected via the handshake of a TLS-SRP connection, which are ultimately run as the root user. This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200...

CVE-2026-27848

CVE-2026-27848 affects Linksys MR9600 (1.0.4.205530) and MX4200 (1.0.13.210200). Root cause: missing neutralization of special elements allows OS command injection via the TLS-SRP handshake, with commands executed as root. Some connected sources indicate a PoC/exploitation possibility, but no in-...

CVE-2026-27847 Missing authentication in Linksys MR9600, Linksys MX4200

Due to improper neutralization of special elements, SQL statements can be injected via the handshake of a TLS-SRP connection. This can be used to inject known credentials into the database that can be utilized to successfully complete the handshake and use the protected service. This issue affect...

CVE-2026-27847 Missing authentication in Linksys MR9600, Linksys MX4200

Due to improper neutralization of special elements, SQL statements can be injected via the handshake of a TLS-SRP connection. This can be used to inject known credentials into the database that can be utilized to successfully complete the handshake and use the protected service. This issue affect...

PT-2026-21926

Name of the Vulnerable Software and Affected Versions MR9600 versions 1.0.4.205530 MX4200 versions 1.0.13.210200 Description The software contains a flaw due to improper neutralization of special elements, allowing for SQL statement injection during the TLS-SRP connection handshake. This injectio...

PT-2025-47988

Name of the Vulnerable Software and Affected Versions MongoDB Server versions prior to 7.0.26 MongoDB Server versions prior to 8.0.16 MongoDB Server versions prior to 8.2.2 Description A MongoDB server may incorrectly establish TLS handshakes with clients or servers presenting certificates that d...

EUVD-2012-2184

Malware in sbrugna...

EUVD-2019-6203

Malware in sbrugna...

EUVD-2011-5257

Malware in sbrugna...

EUVD-2023-38106

Malicious code in bioql PyPI...

TLoRa: Implementing TLS over LoRa for Secure HTTP Communication in IoT

We present TLoRa, an end-to-end architecture for HTTPS communication over LoRa by integrating TCP tunneling and a complete TLS 1.3 handshake. It enables a seamless and secure communication channel between WiFi-enabled end devices and the Internet over LoRa using an End Hub EH and a Net Relay NR...

CVE-2025-58369 fs2: Half-shutdown of socket during TLS handshake may result in spin loop on opposite side

fs2 is a compositional, streaming I/O library for Scala. Versions up to and including 2.5.12, 3.0.0-M1 through 3.12.2, and 3.13.0-M1 through 3.13.0-M6 are vulnerable to denial of service attacks though TLS sessions using fs2-io on the JVM using the fs2.io.net.tls package. When establishing a TLS...

CVE-2025-52494

Adacore Ada Web Server AWS before 25.2 is vulnerable to a denial-of-service DoS condition due to improper handling of SSL handshakes during connection initialization. When a client initiates an HTTPS connection, the server performs the SSL handshake before assigning the connection to a processing...

Linux Distros Unpatched Vulnerability : CVE-2022-39173

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In wolfSSL before 5.5.1, malicious clients can cause a buffer overflow during a TLS 1.3 handshake. This occurs when an attacker supposedly resumes a previous TL...

USN-7674-1 openjdk-lts vulnerabilities

It was discovered that the 2D component of OpenJDK 11 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 VMashroor Hasan Bhuiyan discovered that the JSSE...