28 matches found

RedHat Linux
added 5 days ago, 4 views

gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification

A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs)...

CVSS 5.3, AI score 6.7, EPSS 0.00638
Exploits: 1, References: 5

OSV
added 2026/03/30 7:57 p.m., 10 views

USN-8134-1 pyasn1 vulnerabilities

It was discovered that pyasn1 could exhaust system resources when attempting to decode a malformed certificate. An attacker could possibly use this to cause a denial of service. (CVE-2026-23490) Kevin Tu discovered that pyasn1 could exhaust system resources via uncontrolled recursion when attemptin...

CVSS 7.5, AI score 7.3, EPSS 0.00679
Exploits: 1, References: 3

Ubuntu
added 2026/03/30 7:57 p.m., 6 views

USN-8134-1: pyasn1 vulnerabilities

It was discovered that pyasn1 could exhaust system resources when attempting to decode a malformed certificate. An attacker could possibly use this to cause a denial of service. (CVE-2026-23490) Kevin Tu discovered that pyasn1 could exhaust system resources via uncontrolled recursion when attemptin...

CVSS 7.5, AI score 5.9, EPSS 0.00679
Exploits: 1

RedHat Linux
added 2026/03/24 10:39 a.m., 5 views

gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification

A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs)...

CVSS 5.3, AI score 5.7, EPSS 0.00638
Exploits: 1, References: 5

NVD
added 2026/02/09 3:16 p.m., 8 views

CVE-2025-14831

A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs)...

CVSS 5.3, EPSS 0.00638
Exploits: 1, References: 28

RedhatCVE
added 2025/12/11 4:50 a.m., 3 views

CVE-2025-61729

Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can...

CVSS 7.5, AI score 6.8, EPSS 0.00459
Exploits: 2, References: 7

EUVD
added 2025/12/02 9:31 p.m., 4 views

EUVD-2025-200318

Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can...

CVSS 7.5, AI score 6.3, EPSS 0.00459
Exploits: 2, References: 5

OSV
added 2025/12/02 7:15 p.m., 8 views

AZL-71305 CVE-2025-61729 affecting package msft-golang 1.24.13-1

Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can...

CVSS 7.5, AI score 6.7, EPSS 0.00459
Exploits: 2, References: 1

OSV
added 2025/12/02 7:15 p.m., 2 views

UBUNTU-CVE-2025-61729

Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can...

CVSS 7.5, AI score 6.7, EPSS 0.00459
Exploits: 2, References: 8

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2017-8302

Malware in sbrugna...

CVSS 5.5, AI score 5.5, EPSS 0.00137
Exploits: 0, References: 2

Positive Technologies
added 2025/08/13 12:00 a.m., 8 views

PT-2025-33023 · Palo Alto Networks · Globalprotect

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks GlobalProtect app (affected versions not specified). Description: An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect app allows attackers to connect the app to arbitrary servers. This can enab...

CVSS 5.3, AI score 6.1, EPSS 0.00108
Exploits: 0, References: 7

RedhatCVE
added 2025/08/04 12:36 p.m., 7 views

CVE-2025-6037

A flaw was found in github.com/hashicorp/vault. The TLS certificate authentication method fails to properly validate client certificates when a non-CA certificate is designated as trusted. This vulnerability enables an attacker with a manipulated certificate to evade authentication and impersonat...

CVSS 6.8, AI score 6.2, EPSS 0.00223
Exploits: 0, References: 5

NVD
added 2025/08/01 6:15 p.m., 21 views

CVE-2025-6037

Vault and Vault Enterprise (“Vault”) TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as trusted certificate (https://developer.hashicorp.com/vault/api-docs/auth/cert#certificate). In this configuration, an attacker may be able to...

CVSS 6.8, EPSS 0.00223
Exploits: 0, References: 1

NVD
added 2025/01/09 3:15 p.m., 19 views

CVE-2023-24010

An attacker can arbitrarily craft malicious DDS Participants or ROS 2 Nodes with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7 certificate’s validation. This is caused by a...

CVSS 8.2, EPSS 0.00326
Exploits: 0, References: 2

OSV
added 2025/01/09 3:15 p.m., 8 views

CVE-2023-24010

An attacker can arbitrarily craft malicious DDS Participants or ROS 2 Nodes with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7 certificate’s validation. This is caused by a...

CVSS 8.2, AI score 6.7
Exploits: 0, References: 2

Cvelist
added 2025/01/09 2:36 p.m., 17 views

CVE-2023-24012 Data Distribution Service (DDS) Chain of Trust (CoT) violation vulnerability in Open DDS

An attacker can arbitrarily craft malicious DDS Participants or ROS 2 Nodes with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7 certificate’s validation. This is caused by a...

CVSS 8.2, EPSS 0.00271
Exploits: 1, References: 2

CVE
added 2025/01/09 2:36 p.m., 51 views

CVE-2023-24011

CVE-2023-24011 is a DDS ecosystem vulnerability arising from non-compliant permission document verification and improper use of OpenSSL PKCS7_verify to validate S/MIME signatures. Attackers could craft malicious DDS Participants or ROS 2 Nodes with valid certificates to gain full control of a sec...

CVSS 8.2, AI score 8.1, EPSS 0.00329
Exploits: 0, References: 2

OSV
added 2024/12/16 2:01 p.m., 13 views

BIT-NODE-MIN-2022-3786 X.509 Email Address Variable Length Buffer Overflow

A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate...

CVSS 7.5, AI score 8.1, EPSS 0.91153
Exploits: 2, References: 6

Tenable Nessus
added 2024/12/06 12:00 a.m., 16 views

Palo Alto GlobalProtect Agent Privilege Escalation (CVE-2024-5921)

According to its self-reported version, the Palo Alto GlobalProtect Agent installed on the remote host is affected by a vulnerability as referenced in the CVE-2024-5921 advisory: - An insufficient certification validation issue in the Palo Alto Networks GlobalProtect app enables attackers to...

CVSS 8.8, AI score 8.9, EPSS 0.01454
Exploits: 2, References: 2

NVD
added 2024/11/27 4:15 a.m., 33 views

CVE-2024-5921

An insufficient certification validation issue in the Palo Alto Networks GlobalProtect app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root...

CVSS 8.8, EPSS 0.01454
Exploits: 2, References: 3