9962 matches found
BIT-JAVA-MIN-2020-14577
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to...
BIT-JAVA-2020-14577
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to...
EUVD-2025-209663
HCL DFXAnalytics is affected by an Insufficient Transport Layer Protection vulnerability where data is transmitted over the network without encryption, which could allow an attacker to compromise the confidentiality, integrity, and authentication of sensitive information...
EUVD-2026-27571
In the Linux kernel, the following vulnerability has been resolved: l2tp: Drop large packets with UDP encap syzbot reported a WARN on my patch series 1. The actual issue is an overflow of 16-bit UDP length field, and it exists in the upstream code. My series added a debug WARN with an overflow...
golang security update
An update is available for golang. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The golang packages provide the Go programming language compiler. Security...
grafana security update
An update is available for grafana. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Grafana is an open source, feature rich metrics dashboard and graph editor f...
RLSA-2026:11711 Important: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root CVE-2026-32282 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key...
grafana-pcp security update
An update is available for grafana-pcp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Grafana plugin for Performance Co-Pilot includes datasources for...
CVE-2025-59852
HCL DFXAnalytics is affected by an Insufficient Transport Layer Protection vulnerability where data is transmitted over the network without encryption, which could allow an attacker to compromise the confidentiality, integrity, and authentication of sensitive information...
CVE-2025-59852
CVE-2025-59852 affects HCL DFXAnalytics. The vulnerability is described as Insufficient Transport Layer Protection, where data is transmitted over the network without encryption, potentially compromising the confidentiality, integrity, and authentication of sensitive information. The available do...
CVE-2025-59852
HCL DFXAnalytics is affected by an Insufficient Transport Layer Protection vulnerability where data is transmitted over the network without encryption, which could allow an attacker to compromise the confidentiality, integrity, and authentication of sensitive information...
CVE-2026-6860
A TCP client can perform a TLS handshake and present the server name extension with a server name that is accepted by a server wildcard name, e.g. if the server is configured with a certificate accepting .example.com, any XYZ.example.com where xyz is a valid name can be used...
CVE-2026-43080
In the Linux kernel, the following vulnerability has been resolved: l2tp: Drop large packets with UDP encap syzbot reported a WARN on my patch series 1. The actual issue is an overflow of 16-bit UDP length field, and it exists in the upstream code. My series added a debug WARN with an overflow...
CVE-2026-6860
A TCP client can perform a TLS handshake and present the server name extension with a server name that is accepted by a server wildcard name, e.g. if the server is configured with a certificate accepting .example.com, any XYZ.example.com where xyz is a valid name can be used...
CVE-2026-43080
In the Linux kernel, the following vulnerability has been resolved: l2tp: Drop large packets with UDP encap syzbot reported a WARN on my patch series 1. The actual issue is an overflow of 16-bit UDP length field, and it exists in the upstream code. My series added a debug WARN with an overflow...
CVE-2026-43080 l2tp: Drop large packets with UDP encap
In the Linux kernel, the following vulnerability has been resolved: l2tp: Drop large packets with UDP encap syzbot reported a WARN on my patch series 1. The actual issue is an overflow of 16-bit UDP length field, and it exists in the upstream code. My series added a debug WARN with an overflow...
CVE-2026-43080
Summary of CVE-2026-43080 (Linux kernel) : The issue resides in the L2TP/PPP over L2TP code path where an oversized PPPoL2TP packet sent with UDP encapsulation can trigger an overflow of the 16‑bit UDP length field, causing the length to be trimmed and potentially sending malformed packets. The p...
CVE-2026-43080
In the Linux kernel, the following vulnerability has been resolved: l2tp: Drop large packets with UDP encap syzbot reported a WARN on my patch series 1. The actual issue is an overflow of 16-bit UDP length field, and it exists in the upstream code. My series added a debug WARN with an overflow...
CVE-2026-32283
A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...
PT-2026-37757
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...