Lucene search
+L

634 matches found

OSV
OSV
added 2026/06/02 11:16 p.m.12 views

UBUNTU-CVE-2026-27145

x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically based on the number...

7.5CVSS5.5AI score0.00939EPSS
Exploits0References5
OSV
OSV
added 2026/05/30 6:3 p.m.25 views

RLSA-2026:20597 Moderate: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

6.5CVSS5.9AI score0.0038EPSS
Exploits3References4
Rockylinux
Rockylinux
added 2026/05/30 6:3 p.m.23 views

glibc security update

An update is available for glibc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The glibc packages provide the standard C libraries libc, POSIX thread librarie...

7.5CVSS5.9AI score0.0038EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2026/05/28 10:21 a.m.16 views

CVE-2026-42579

A flaw was found in Netty. Netty's DNS Domain Name System codec does not properly enforce domain name constraints as defined in RFC 1035 during both encoding and decoding processes. This vulnerability allows a remote attacker to exploit the decoder using malicious DNS responses or exploit the...

9.1CVSS6.9AI score0.00969EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2026/05/19 1:16 p.m.9 views

libssh: libssh: Denial of Service via inefficient regular expression processing

A flaw was found in libssh. A remote attacker, by controlling client configuration files or knownhosts files, could craft specific hostnames that when processed by the matchpattern function can lead to inefficient regular expression backtracking. This can cause timeouts and resource exhaustion,...

5.5CVSS6.4AI score0.00223EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/19 9:10 a.m.12 views

libssh: libssh: Denial of Service via inefficient regular expression processing

A flaw was found in libssh. A remote attacker, by controlling client configuration files or knownhosts files, could craft specific hostnames that when processed by the matchpattern function can lead to inefficient regular expression backtracking. This can cause timeouts and resource exhaustion,...

5.5CVSS6.4AI score0.00223EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.14 views

PT-2026-41974

Name of the Vulnerable Software and Affected Versions @haxtheweb/open-apis versions 9.0.1 through 25.x Description Multiple functions perform substring-only matching to validate hostnames for basic authorization. This allows an attacker to append matched substrings to an attacker-controlled...

8.7CVSS5.3AI score0.00457EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/12 8:21 p.m.18 views

CVE-2026-44659

Zen is a firefox-based browser. Prior to 1.19.12b, the ZEN Browser incorrectly truncates long hostnames in the address bar and shows only the attacker-controlled prefix of the subdomain, hiding the actual registrable domain eTLD+1. As a result, an attacker can craft extremely long malicious...

4.7CVSS5.8AI score0.00164EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/11 5:1 p.m.10 views

EUVD-2026-29133

Zen is a firefox-based browser. Prior to 1.19.12b, the ZEN Browser incorrectly truncates long hostnames in the address bar and shows only the attacker-controlled prefix of the subdomain, hiding the actual registrable domain eTLD+1. As a result, an attacker can craft extremely long malicious...

4.7CVSS5.8AI score0.00164EPSS
Exploits0References1
OSV
OSV
added 2026/05/11 5:1 p.m.4 views

CVE-2026-44659 Zen Browser Mac - Address Bar Spoofing via Long Subdomain

Zen is a firefox-based browser. Prior to 1.19.12b, the ZEN Browser incorrectly truncates long hostnames in the address bar and shows only the attacker-controlled prefix of the subdomain, hiding the actual registrable domain eTLD+1. As a result, an attacker can craft extremely long malicious...

4.7CVSS6AI score0.00164EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.10 views

Zen 安全漏洞

Zen is an open-source productivity browser based on Firefox. Versions of Zen prior to 1.19.12b contain security vulnerabilities. These vulnerabilities arise from the address bar incorrectly truncating long hostnames and displaying only the subdomain prefix controlled by the attacker, which may le...

4.7CVSS5.8AI score0.00164EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/08 3:42 a.m.11 views

CVE-2026-42273

Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. Prior to version 0.17.14, Heimdall performs host matching in a case-sensitive manner, while HTTP hostnames are case-insensitive. This discrepancy can result in heimdall failing to match a rule for a request host...

7.8CVSS5.7AI score0.00301EPSS
Exploits0References5Affected Software1
Snyk
Snyk
added 2026/05/07 2:9 a.m.11 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via improper validation of the supi path parameter in multiple GET handlers. An attacker can obtain internal infrastructure details, including hostnames, ports, and API paths, by injecting control characters into th...

8.7CVSS5.8AI score0.00324EPSS
Exploits1References2
Oracle linux
Oracle linux
added 2026/05/05 12:0 a.m.76 views

openssh security update

8.0p1-29.0.1 - Update upstream references Orabug: 36587718 8.0p1-29 - CVE-2026-35385: Fix privilege escalation via scp legacy protocol when not in preserving file mode Resolves: RHEL-164743 - CVE-2026-35388: Add connection multiplexing confirmation for proxy-mode multiplexing sessions Resolves:...

8.1CVSS6AI score0.00419EPSS
Exploits0
Cvelist
Cvelist
added 2026/04/30 10:0 p.m.32 views

CVE-2026-28909

Users who connect to malicious registries with hostnames matching the bypass patterns will have their registry credentials exposed in plaintext. This issue is fixed in container version 0.12.3...

0.00199EPSS
Exploits0References1
CVE
CVE
added 2026/04/30 10:0 p.m.12 views

CVE-2026-28909

CVE-2026-28909 affects a container runtime where connecting to malicious registries using hostnames that match bypass patterns can expose registry credentials in plaintext. The issue is mitigated by upgrading to container version 0.12.3. The available sources confirm the vulnerability description...

6.5CVSS5.3AI score0.00199EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/04/30 10:0 p.m.8 views

EUVD-2026-26452

Users who connect to malicious registries with hostnames matching the bypass patterns will have their registry credentials exposed in plaintext. This issue is fixed in container version 0.12.3...

5.3AI score0.00199EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/30 10:0 p.m.8 views

CVE-2026-28909

Users who connect to malicious registries with hostnames matching the bypass patterns will have their registry credentials exposed in plaintext. This issue is fixed in container version 0.12.3...

5.3AI score0.00199EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.7 views

PT-2026-36209

Name of the Vulnerable Software and Affected Versions container versions prior to 0.12.3 Description Users who connect to malicious registries with hostnames matching the bypass patterns will have their registry credentials exposed in plaintext. Recommendations Update to version 0.12.3...

6.5CVSS5.8AI score0.00199EPSS
Exploits0References5
OSV
OSV
added 2026/04/25 11:30 p.m.5 views

GHSA-72H4-MXFC-JX37 Heimdall: Case-sensitive host matching may lead to policy bypass

Summary Heimdall performs host matching in a case-sensitive manner, while HTTP hostnames are case-insensitive. This discrepancy can result in heimdall failing to match a rule for a request host that differs only in letter casing, potentially causing the request to be classified differently than...

7.8CVSS5.8AI score0.00301EPSS
Exploits0References6
Rows per page
Query Builder