Lucene search
K

13 matches found

NVD
NVD
added 6 days ago7 views

CVE-2026-11999

X.509 trust-chain bypass path-depth exhaustion in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra whose application calls X509verifycert with caller-supplied untrusted intermediates; for those users it is critical, otherwis...

8.2CVSS0.00145EPSS
Exploits0References2
OSV
OSV
added 6 days ago2 views

UBUNTU-CVE-2026-11999

X.509 trust-chain bypass path-depth exhaustion in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra whose application calls X509verifycert with caller-supplied untrusted intermediates; for those users it is critical, otherwis...

8.2CVSS5.8AI score0.00145EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago4 views

EUVD-2026-39496

X.509 trust-chain bypass path-depth exhaustion in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra whose application calls X509verifycert with caller-supplied untrusted intermediates; for those users it is critical, otherwis...

8.2CVSS5.9AI score0.00145EPSS
Exploits0References2
CVE
CVE
added 6 days ago13 views

CVE-2026-11999

CVE-2026-11999 affects wolfSSL when built with --enable-opensslextra. The X509_verify_cert() path-depth exhaustion in wolfSSL_X509_verify_cert() can allow an attacker-controlled certificate to be accepted if the caller supplies untrusted intermediates and the chain depth exceeds the verifier’s ma...

8.2CVSS5.9AI score0.00145EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 6 days ago32 views

CVE-2026-11999 X.509 trust-chain bypass via path-depth exhaustion in wolfSSL_X509_verify_cert()

X.509 trust-chain bypass path-depth exhaustion in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with --enable-opensslextra whose application calls X509verifycert with caller-supplied untrusted intermediates; for those users it is critical, otherwis...

8.2CVSS0.00145EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 6 days ago10 views

PT-2026-52511

Name of the Vulnerable Software and Affected Versions wolfSSL affected versions not specified Description A trust-chain bypass exists in the OpenSSL compatibility certificate verifier function wolfSSL X509 verify cert. This issue occurs in builds configured with --enable-opensslextra when an...

8.2CVSS5.8AI score0.00145EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.30 views

Amazon Linux 2023 : jq, jq-devel (ALAS2023-2026-1815)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1815 advisory. jq is a command-line JSON processor. An integer overflow vulnerability exists through version 1.8.1 within the jvpstringappend and jvpstringcopyreplacebad functions, where concatenating string...

8.2CVSS6AI score0.00559EPSS
Exploits7References18
OSV
OSV
added 2026/05/07 8:26 a.m.8 views

CLSA-2026-1778142360 jq: Fix of 2 CVEs

CVE-2026-33947: limit path depth in jvsetpath, jvgetpath, and jvdelpaths to prevent stack overflow from deep path arrays - CVE-2026-33948: remove strlen-based length calculation that truncated JSON input at embedded NUL bytes, preventing parser-differential attacks...

6.3CVSS5.9AI score0.00256EPSS
Exploits2References1
CNNVD
CNNVD
added 2026/03/19 12:0 a.m.5 views

OpenClaw 安全漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an authentication bypass vulnerability caused by a /api/channels route classification flaw due to a mismatch in the depth of normalization between authentication path classification and route path...

8.3CVSS5.8AI score0.00297EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/10/20 10:1 a.m.2 views

kernel: eventpoll: Fix semi-unbounded recursion

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is loop-free and does some recursion depth checks, but...

5.5CVSS5.7AI score0.00153EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/31 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-38614

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures th...

5.5CVSS6.3AI score0.00153EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/04/24 3:25 a.m.3 views

SUSE CVE-2025-22079

In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate ltreedepth to avoid out-of-bounds access The ltreedepth field is 16-bit le16, but the actual maximum depth is limited to OCFS2MAXPATHDEPTH. Add a check to prevent out-of-bounds access if ltreedepth has an invalid...

7.1CVSS7.7AI score0.00178EPSS
Exploits0References3
NVD
NVD
added 2025/04/16 3:16 p.m.6 views

CVE-2025-22079

In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate ltreedepth to avoid out-of-bounds access The ltreedepth field is 16-bit le16, but the actual maximum depth is limited to OCFS2MAXPATHDEPTH. Add a check to prevent out-of-bounds access if ltreedepth has an invalid...

7.1CVSS0.00178EPSS
Exploits0References11
Rows per page
Query Builder