Lucene search
+L

78 matches found

nessus
nessus
added 2026/06/30 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-11310

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra OPENSSLEXT...

8.7CVSS6AI score0.00145EPSS
Exploits0References2
nessus
nessus
added 2026/06/30 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-6091

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Partial-chain certificate verification may accept chains that terminate at a peer-supplied, untrusted intermediate certificate rather than a trusted anchor. An...

6.5CVSS6AI score0.00121EPSS
Exploits0References3
nessus
nessus
added 2026/06/30 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-11999

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - X.509 trust-chain bypass path-depth exhaustion in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with...

8.2CVSS6AI score0.00145EPSS
Exploits0References2
nvd
nvd
added 2026/06/25 8:17 p.m.9 views

CVE-2026-11310

X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra OPENSSLEXTRA and whose application validates certificates by calling X509verifycert with caller-supplied untrusted intermediate certificates; for...

8.7CVSS0.00145EPSS
Exploits0References2
osv
osv
added 2026/06/25 8:17 p.m.4 views

UBUNTU-CVE-2026-11310

X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra OPENSSLEXTRA and whose application validates certificates by calling X509verifycert with caller-supplied untrusted intermediate certificates; for...

8.7CVSS5.8AI score0.00145EPSS
Exploits0References4
cve
cve
added 2026/06/25 7:38 p.m.33 views

CVE-2026-11310

The CVE-2026-11310 entry concerns wolfSSL’s X509_verify_cert() when built with --enable-opensslextra (OPENSSL_EXTRA) and used by applications that pass untrusted intermediates to X509_verify_cert(). The root cause is that wolfSSL temporarily loads untrusted intermediates into the certificate mana...

8.7CVSS5.9AI score0.00145EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/06/25 7:38 p.m.34 views

CVE-2026-11310 X.509 trust-chain bypass in wolfSSL_X509_verify_cert() via untrusted intermediate anchoring

X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra OPENSSLEXTRA and whose application validates certificates by calling X509verifycert with caller-supplied untrusted intermediate certificates; for...

8.7CVSS0.00145EPSS
Exploits0References2
alpinelinux
alpinelinux
added 2026/06/25 7:38 p.m.10 views

CVE-2026-11310

X.509 trust-chain bypass in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra OPENSSLEXTRA and whose application validates certificates by calling X509verifycert with caller-supplied untrusted intermediate certificates; for...

8.7CVSS5.8AI score0.00145EPSS
Exploits0References2
nvd
nvd
added 2026/06/25 6:16 p.m.11 views

CVE-2026-11999

X.509 trust-chain bypass path-depth exhaustion in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra whose application calls X509verifycert with caller-supplied untrusted intermediates; for those users it is critical, otherwis...

8.2CVSS0.00145EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/06/25 4:56 p.m.5 views

CVE-2026-11999

X.509 trust-chain bypass path-depth exhaustion in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra whose application calls X509verifycert with caller-supplied untrusted intermediates; for those users it is critical, otherwis...

8.2CVSS5.9AI score0.00145EPSS
Exploits0References3Affected Software1
cve
cve
added 2026/06/25 4:56 p.m.30 views

CVE-2026-11999

CVE-2026-11999 affects wolfSSL when built with --enable-opensslextra. The X509_verify_cert() path-depth exhaustion in wolfSSL_X509_verify_cert() can allow an attacker-controlled certificate to be accepted if the caller supplies untrusted intermediates and the chain depth exceeds the verifier’s ma...

8.2CVSS5.9AI score0.00145EPSS
Exploits0References2Affected Software1
euvd
euvd
added 2026/06/25 4:56 p.m.9 views

EUVD-2026-39496

X.509 trust-chain bypass path-depth exhaustion in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra whose application calls X509verifycert with caller-supplied untrusted intermediates; for those users it is critical, otherwis...

8.2CVSS5.9AI score0.00145EPSS
Exploits0References2
alpinelinux
alpinelinux
added 2026/06/25 4:56 p.m.8 views

CVE-2026-11999

X.509 trust-chain bypass path-depth exhaustion in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra whose application calls X509verifycert with caller-supplied untrusted intermediates; for those users it is critical, otherwis...

8.2CVSS5.8AI score0.00145EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.26 views

PT-2026-52511

Name of the Vulnerable Software and Affected Versions wolfSSL affected versions not specified Description A trust-chain bypass exists in the OpenSSL compatibility certificate verifier function wolfSSL X509 verify cert. This issue occurs in builds configured with --enable-opensslextra when an...

8.2CVSS5.8AI score0.00145EPSS
Exploits0References6
redhatcve
redhatcve
added 2026/06/05 7:19 p.m.10 views

CVE-2026-5263

URI nameConstraints from constrained intermediate CAs are parsed but not enforced during certificate chain verification in wolfcrypt/src/asn.c. A compromised or malicious sub-CA could issue leaf certificates with URI SAN entries that violate the nameConstraints of the issuing CA, and wolfSSL woul...

7CVSS5.4AI score0.00165EPSS
Exploits0References1
nessus
nessus
added 2026/05/28 12:0 a.m.14 views

FreeBSD : Erlang/OTP -- public_key accepts non-CA certificate as intermediate issuer (9357a450-5a54-11f1-b886-4c526214c986)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 9357a450-5a54-11f1-b886-4c526214c986 advisory. https://github.com/erlang/otp/security/advisories/GHSA-c99q-jmpx-v8qq reports: Erlang/OTP's publickey...

8CVSS5.7AI score0.0033EPSS
Exploits0References3
freebsd
freebsd
added 2026/05/27 12:0 a.m.16 views

Erlang/OTP -- public_key accepts non-CA certificate as intermediate issuer

https://github.com/erlang/otp/security/advisories/GHSA-c99q-jmpx-v8qq reports: Erlang/OTP's publickey application contains a path-validation flaw where non-CA certificates lacking keyUsage extensions can be accepted as intermediate issuers. An attacker with an end-entity certificate issued by a...

8CVSS5.9AI score0.0033EPSS
Exploits0References1
amazon
amazon
added 2026/05/26 12:0 a.m.23 views

Important: golang-github-burntsushi-toml-test

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be printed out...

7.5CVSS7.1AI score0.01945EPSS
Exploits3
redhat
redhat
added 2026/05/19 4:19 p.m.13 views

crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

A flaw was found in the Go standard library packages crypto/x509 and crypto/tls. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being...

7.5CVSS7.2AI score0.00615EPSS
Exploits0References8
amazon
amazon
added 2026/05/14 12:0 a.m.20 views

Important: containerd

Issue Overview: Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption in programs compiled with...

9.8CVSS7.1AI score0.00651EPSS
Exploits0
Rows per page
Query Builder