Lucene search
K

957 matches found

RedhatCVE
RedhatCVE
added 5 days ago7 views

CVE-2026-35188

A flaw was found in OpenSSL. A malicious server can exploit the TLS Online Certificate Status Protocol OCSP stapling feature by sending a specially crafted response. This can trigger a double-free vulnerability in the client's certificate verification process, potentially leading to a Denial of...

5.9CVSS7.2AI score0.00245EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/07/07 3:16 p.m.8 views

SUSE CVE-2026-42327

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.7 to before 0.10.79, X509Ref::ocspresponders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref wraps the raw bytes with str::fromutf8unchecked. OpenSSL does not enforce th...

7.5CVSS6AI score0.00211EPSS
Exploits0References9
OSV
OSV
added 2026/07/07 12:5 p.m.5 views

RLSA-2026:34109 Important: httpd security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: incomplete fix for CVE-2023-38709 CVE-2024-42516 httpd: NULL pointer dereference via specially crafted request CVE-2026-29169 httpd: Apache HTTP Server: Heap-based Buffer...

7.7CVSS6AI score0.00805EPSS
Exploits0References8
OSV
OSV
added 2026/07/06 2:4 a.m.2 views

SUSE-SU-2026:2759-1 Security update for apache2

This update for apache2 fixes the following issues - CVE-2026-29167: modldap per-dir use-after-free bsc1267976. - CVE-2026-29170: modproxyftp XSS bsc1267977. - CVE-2026-34355: modproxyhtml buffer overflow bsc1267978. - CVE-2026-34356: malicious backend servers can lead to a heap-based buffer...

9.8CVSS7.2AI score0.11471EPSS
Exploits8References27
Rockylinux
Rockylinux
added 2026/07/01 12:3 p.m.5 views

mod_md security update

An update is available for modmd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list This module manages common properties of domains for one or more virtual hosts...

7.3CVSS7.1AI score0.00628EPSS
Exploits0
OSV
OSV
added 2026/07/01 12:0 a.m.4 views

ALSA-2026:34109 Important: httpd security, bug fix, and enhancement update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: incomplete fix for CVE-2023-38709 CVE-2024-42516 httpd: NULL pointer dereference via specially crafted request CVE-2026-29169 httpd: Apache HTTP Server: Heap-based Buffer...

9.8CVSS6.8AI score0.03914EPSS
Exploits0References16
RedHat Linux
RedHat Linux
added 2026/06/29 6:28 p.m.7 views

Moderate: Red Hat Security Advisory: mod_md security update

An update for modmd is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.3CVSS7AI score0.00628EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/29 2:55 a.m.7 views

Moderate: Red Hat Security Advisory: mod_md security update

An update for modmd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.3CVSS7AI score0.00628EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2026/06/29 12:0 a.m.8 views

tomcat security update

1:9.0.117-1 - Resolves: RHEL-150714 Certificate revocation bypass due to improper OCSP response validation - Resolves: Tomcat: OCSP checks sometimes soft-fail with FFM even when soft-fail is disabled CVE-2026-34500 - Resolves: Tomcat: Cloud membership for clustering component exposed the Kubernet...

9.6CVSS7.2AI score0.21691EPSS
Exploits9
OSV
OSV
added 2026/06/29 12:0 a.m.5 views

ALSA-2026:30844 Moderate: mod_md security update

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal. Security Fixes: httpd:...

7.3CVSS7.1AI score0.00628EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.10 views

Oracle Linux 9 : gnutls (ELSA-2026-20612)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-20612 advisory. - Fix CVE-2026-33846 DTLS fragment reassembly, High, heap overwrite - Fix CVE-2026-42009 DTLS fragment reassembly, High, undefined behaviour - Fix...

9.8CVSS5.9AI score0.01335EPSS
Exploits2References14
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.11 views

Oracle Linux 9 : tomcat (ELSA-2026-26323)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-26323 advisory. - Resolves: Tomcat: OCSP checks sometimes soft-fail with FFM even when soft-fail is disabled CVE-2026-34500 - Resolves: Tomcat: Cloud membership for clustering...

9.1CVSS7.3AI score0.21691EPSS
Exploits8References2
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.9 views

SUSE SLES12 Security Update : openssl-1_0_0 (SUSE-SU-2026:2396-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2396-1 advisory. This update for openssl-100 fixes the following issues - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion...

8.8CVSS5.9AI score0.02719EPSS
Exploits0References23
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.9 views

SUSE SLES15 Security Update : openssl-1_0_0 (SUSE-SU-2026:2399-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2399-1 advisory. This update for openssl-100 fixes the following issues - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String...

8.8CVSS5.9AI score0.02719EPSS
Exploits0References23
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.11 views

RHEL 10 : gnutls (RHSA-2026:26409)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26409 advisory. The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such ...

9.8CVSS6AI score0.01335EPSS
Exploits2References28
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.8 views

RHEL 9 : tomcat (RHSA-2026:26323)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:26323 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Apache Tomcat: Certificate...

7.5CVSS5.4AI score0.00498EPSS
Exploits0References4
OSV
OSV
added 2026/06/15 3:5 p.m.8 views

SUSE-SU-2026:2399-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. - CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341. - CVE-2026-28388: NULL Pointer Dereference When Processing a Delt...

8.8CVSS8.3AI score0.02719EPSS
Exploits0References16
SUSE Linux
SUSE Linux
added 2026/06/15 2:34 p.m.7 views

Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341. CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL...

8.2CVSS8.1AI score0.02719EPSS
Exploits0References30
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.8 views

openSUSE 16 Security Update : erlang (openSUSE-SU-2026:20907-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20907-1 advisory. This update for erlang fixes the following issues - CVE-2025-4748: improper limitation of a pathname may lead to path traversal bsc1244642. -...

8.1CVSS5.6AI score0.00354EPSS
Exploits0References15
OSV
OSV
added 2026/06/10 8:39 a.m.9 views

BIT-APACHE-2026-44185 Apache HTTP Server: Stack Buffer Over-Read in mod_ssl OCSP `send_request`

Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

7.3CVSS5.4AI score0.00598EPSS
Exploits0References7
Rows per page
Query Builder