Lucene search
K

171 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.3 views

Amazon Linux 2023 : golist (ALAS2023-2026-1874)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1874 advisory. x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, . to execute repeatedly on the same...

7.5CVSS6.1AI score0.00763EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.4 views

Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2026-1878)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1878 advisory. x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, . to execute repeatedly on the same...

7.5CVSS6AI score0.00763EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.4 views

Amazon Linux 2023 : golang-github-burntsushi-toml, golang-github-burntsushi-toml-devel (ALAS2023-2026-1877)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1877 advisory. x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, . to execute repeatedly on the same...

7.5CVSS6AI score0.00763EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.5 views

Amazon Linux 2023 : compat-golang-github-cpuguy83-md2man-2-devel, golang-github-cpuguy83-md2man, golang-github-cpuguy83-md2man-devel (ALAS2023-2026-1875)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1875 advisory. x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, . to execute repeatedly on the same...

7.5CVSS6AI score0.00763EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.5 views

Amazon Linux 2 : golang, --advisory ALAS2-2026-3383 (ALAS-2026-3383)

The version of golang installed on the remote host is prior to 1.25.11-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3383 advisory. x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN...

7.5CVSS6.1AI score0.00763EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.5 views

Amazon Linux 2 : golist, --advisory ALAS2-2026-3382 (ALAS-2026-3382)

The version of golist installed on the remote host is prior to 0.10.1-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3382 advisory. x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN...

7.5CVSS6.1AI score0.00763EPSS
Exploits0References8
OSV
OSV
added 2026/06/17 8:37 a.m.4 views

OPENSUSE-SU-2026:20976-1 Security update for go1.26

This update for go1.26 fixes the following issues Update to go1.26.4 bsc1255111: - CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. - CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. - CVE-2026-42507: net/textproto: arbitrary input are...

7.5CVSS5.9AI score0.00763EPSS
Exploits0References9
OSV
OSV
added 2026/06/11 12:37 a.m.6 views

CLEANSTART-2026-KV53168 Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU

Security vulnerability affects the kyverno-policy-reporter-kyverno-plugin package. Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...

9.8CVSS5.5AI score0.0056EPSS
Exploits0References3
OSV
OSV
added 2026/06/09 7:6 p.m.6 views

SUSE-SU-2026:2327-1 Security update for go1.26

This update for go1.26 fixes the following issues Update to go1.26.4 bsc1255111: - CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. - CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. - CVE-2026-42507: net/textproto: arbitrary input are...

7.5CVSS5.7AI score0.00763EPSS
Exploits0References8
SUSE Linux
SUSE Linux
added 2026/06/09 7:5 p.m.7 views

Security update for go1.25

This update for go1.25 fixes the following issues Update to go1.25.11 bsc1244485: CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. CVE-2026-42507: net/textproto: arbitrary input are...

6.9CVSS5.7AI score0.00763EPSS
Exploits0References14
OSV
OSV
added 2026/06/09 7:5 p.m.9 views

SUSE-SU-2026:2326-1 Security update for go1.25

This update for go1.25 fixes the following issues Update to go1.25.11 bsc1244485: - CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. - CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. - CVE-2026-42507: net/textproto: arbitrary input are...

7.5CVSS5.7AI score0.00763EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/06/04 2:24 a.m.9 views

SUSE CVE-2026-42504

Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...

6.5CVSS5.8AI score0.0056EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/04 12:0 a.m.7 views

Golang 1.25.x < 1.25.11 / 1.26.x < 1.26.4 Multiple Vulnerabilities

The version of Golang running on the remote host is 1.25.x prior to 1.25.11, or 1.26.x prior to 1.26.4. It is, therefore, affected by multiple vulnerabilities: - x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caus...

7.5CVSS5.9AI score0.00763EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/03 12:30 a.m.10 views

EUVD-2026-34039

Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...

5.8AI score0.0056EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.20 views

Linux Distros Unpatched Vulnerability : CVE-2026-42504

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU. CVE-2026-42504 Note that Nessus relies on the presen...

7.5CVSS5.5AI score0.0056EPSS
Exploits0References3
NVD
NVD
added 2026/06/02 11:16 p.m.104 views

CVE-2026-42504

Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...

7.5CVSS0.0056EPSS
Exploits0References4
OSV
OSV
added 2026/06/02 11:16 p.m.6 views

DEBIAN-CVE-2026-42504

Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...

7.5CVSS5.8AI score0.0056EPSS
Exploits0References1
OSV
OSV
added 2026/06/02 11:16 p.m.7 views

UBUNTU-CVE-2026-42504

Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...

7.5CVSS5.2AI score0.0056EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/06/02 10:1 p.m.9 views

CVE-2026-42504

Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...

7.5CVSS5.8AI score0.0056EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/02 10:1 p.m.37 views

CVE-2026-42504 Quadratic complexity in WordDecoder.DecodeHeader in mime

Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...

0.0056EPSS
Exploits0References4
Rows per page
Query Builder