GO-2026-4322 Traefik's ACME TLS-ALPN fast path lacks timeouts and close on handshake stall in github.com/traefik/traefik

Traefik's ACME TLS-ALPN fast path lacks timeouts and close on handshake stall in github.com/traefik/traefik...

PT-2026-4639

CVE-2026-24340 - Fortinet SSL/TLS Denial of Service CVE ID : CVE-2026-24340 Published : Jan. 23, 2026, 5:16 a.m. | 1 hour, 58 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2021-47770

OpenPLC v3 contains an authenticated remote code execution vulnerability that allows attackers with valid credentials to inject malicious code through the hardware configuration interface. Attackers can upload a custom hardware layer with embedded reverse shell code that establishes a network...

CVE-2025-32057

The Infotainment ECU manufactured by Bosch which is installed in Nissan Leaf ZE1 – 2020 uses a Redbend service for over-the-air provisioning and updates. HTTPS is used for communication with the back-end server. Due to usage of the default configuration for the underlying SSL engine, the server...

SUSE-SU-2026:0254-1 Security update for log4j

This update for log4j fixes the following issues: Security fixes: - CVE-2025-68161: Fixed absent TLS hostname verification that may allow a man-in-the-middle attack bsc1255427 Other fixes: - Upgrade to 2.18.0 Added + Add support for Jakarta Mail API in the SMTP appender. + Add support for custom...

SUSE-SU-2026:0246-1 Security update for the Linux Kernel (Live Patch 22 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.91 fixes various security issues The following security issues were fixed: - CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1254451. - CVE-2022-50409: net: If sock is dead don't access sock's skwq in...

Security update for curl

This update for curl fixes the following issues: CVE-2025-14017: Fixed broken TLS options for threaded LDAPS bsc1256105. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...

SUSE-SU-2026:0219-1 Security update for go1.24

This update for go1.24 fixes the following issues: Update to go1.24.12 released 2026-01-15 bsc1236217 Security fixes: - CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect encryption level bsc1256821. - CVE-2025-68119: cmd/go: unexpected code execution when invoking...

SUSE-SU-2026:0218-1 Security update for go1.25

This update for go1.25 fixes the following issues: Update to go1.25.6 released 2026-01-15 bsc1244485 Security fixes: - CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect encryption level bsc1256821. - CVE-2025-68119: cmd/go: unexpected code execution when invoking...

Introducing the Generative Application Firewall (GAF)

This paper introduces the Generative Application Firewall GAF, a new architectural layer for securing LLM applications. Existing defenses -- prompt filters, guardrails, and data-masking -- remain fragmented; GAF unifies them into a single enforcement point, much like a WAF coordinates defenses fo...

Bosch Infotainment ECU security vulnerabilities

The Bosch Infotainment ECU is an in-car entertainment system developed by the German company Bosch. There is a security vulnerability in the Bosch Infotainment ECU. This vulnerability stems from the SSL engine using a default configuration, which results in the server root certificates not being...

Azure Linux 3.0 Security Update: valkey (CVE-2025-21605)

The version of valkey installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21605 advisory. - Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to...

Golang 1.25.x < 1.25.6 Multiple Vulnerabilities

The version of Golang running on the remote host is 1.25.x prior to 1.25.6. It is, therefore, affected by multiple vulnerabilities as referenced in advisory. - bypass of flag sanitization can lead to arbitrary code execution. CVE-2025-61731 - unexpected code execution when invoking toolchain...

Azure Linux 3.0 Security Update: kernel (CVE-2025-22004)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22004 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lecsend...

CVE-2021-47770

OpenPLC v3 contains an authenticated remote code execution vulnerability that allows attackers with valid credentials to inject malicious code through the hardware configuration interface. Attackers can upload a custom hardware layer with embedded reverse shell code that establishes a network...

EUVD-2026-3655

OpenPLC v3 contains an authenticated remote code execution vulnerability that allows attackers with valid credentials to inject malicious code through the hardware configuration interface. Attackers can upload a custom hardware layer with embedded reverse shell code that establishes a network...

CVE-2021-47770

OpenPLC v3 contains an authenticated remote code execution vulnerability that allows attackers with valid credentials to inject malicious code through the hardware configuration interface. Attackers can upload a custom hardware layer with embedded reverse shell code that establishes a network...

CVE-2021-47770 OpenPLC 3 - Remote Code Execution

OpenPLC v3 contains an authenticated remote code execution vulnerability that allows attackers with valid credentials to inject malicious code through the hardware configuration interface. Attackers can upload a custom hardware layer with embedded reverse shell code that establishes a network...

CVE-2021-47770

OpenPLC v3 is affected by an authenticated remote code execution vulnerability. An attacker with valid credentials can inject malicious code via the hardware configuration interface by uploading a custom hardware layer containing embedded reverse shell code, which then initiates a network connect...

Security update for the Linux Kernel (Live Patch 15 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.70 fixes various security issues The following security issues were fixed: CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251787. CVE-2025-39682: tls: fix handling of zero-length records on the...