36790 matches found
Moderate: Red Hat Security Advisory: openssl security update
An update for openssl is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring Syst...
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing
A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax CMS EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter...
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing
A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax CMS EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter...
Moderate: Red Hat Security Advisory: openssl security update
An update for openssl is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerabilit...
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing
A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax CMS EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter...
Moderate: Red Hat Security Advisory: openssl security update
An update for openssl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Xfilesharing 2.5.1 - Arbitrary File Upload
SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload.This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, that is served over HTTP. id: CVE-2019-18952 info: name: Xfilesharing 2.5.1 - Arbitrary File Upload...
Security update for agama (important)
openSUSE security update: security update for agama ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21292-1 Rating: important References: bsc1270526 bsc1270602 bsc1270678 bsc1270784 bsc1270850 bsc1270891 bsc1270992 Cross-References: CVE-2026-41677...
mcp-server
NotCVE MCP Server !notcve/mcp-server MCP serverhttps://gl...
web-management-server-compromise-assessment
Web Management Server Compromise Assessment AMN SECUR...
Linux Distros Unpatched Vulnerability : CVE-2024-37305
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - oqs-provider is a provider for the OpenSSL 3 cryptography library that adds support for post-quantum cryptography in TLS, X.509, and S/MIME using post-quantum...
Exploit for Improper Authentication in Apache Tomcat
CVE-2026-29145 – Everything Apache Tomcat CLIENTCERT + OCS...
Study of 281 Free Android VPN Apps Finds Traffic Leaks, Unencrypted Data, and Tracking
Researchers ran 281 of the most popular free VPN apps on the Google Play Store through a new testing system and found that many fail at the basics people install a VPN for, i.e., keeping their traffic private and secure. The apps flagged with at least one problem have been installed more than 2.4...
Security Bulletin: IBM Cloud Pak for Data System (CPDS 1.0) is affected by multiple vulnerabilities due to pyOpenSSL
Summary pyOpenSSL is used by IBM Cloud Pak for Data System 1.0 as a Python wrapper around the OpenSSL library for TLS/SSL functionality. Multiple vulnerabilities affect pyOpenSSL. CVE-2026-27448 involves improper handling of unhandled exceptions in the settlsextservernamecallback callback, which...
SUSE SLES15 Security Update : rustup (SUSE-SU-2026:2831-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2831-1 advisory. This update for rustup fixes the following issues Security issues: - CVE-2024-12224: idna: idna accepts Punycode labels that do not...
EulerOS 2.0 SP12 : ruby (EulerOS-SA-2026-2567)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : ERB is a templating system for Ruby. Ruby 2.7.0 before ERB 2.2.0 was published on rubygems.org introduced an @init instance variable guard in...
SUSE SLED15 / SLES15 Security Update : rustup (SUSE-SU-2026:2832-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2832-1 advisory. This update for rustup fixes the following issues Security issues: - CVE-2024-12224: idna: idna accepts Punyco...
Fedora 44 : php (2026-ec9cb4652f)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-ec9cb4652f advisory. PHP version 8.5.8 02 Jul 2026 Core: Fixed bug GH-22280 Incorrect compile error for goto to label preceding try/finally block. Pratik Bhujel Fixed bug GH-2211...
SUSE SLES12: clamav / clamav-devel / clamav-docs-html / clamav-milter / etc (SUSE-SU-2026:2833-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2833-1 advisory. This update for clamav fixes the following issues - CVE-2026-20213: PE file format parser could allow an unauthenticated, remote attacker to...
SUSE SLED15: clamav / clamav-devel / clamav-docs-html / clamav-milter / etc (SUSE-SU-2026:2835-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2835-1 advisory. This update for clamav fixes the following issues - CVE-2026-20213: PE file format parser could allow an...