SUSE-SU-2026:21867-1 Security update for gnutls

This update for gnutls fixes the following issues - CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive bsc1263707. - CVE-2026-5260: lib/pkcs11privkey: guard against overreading on short ciphertexts bsc1263715. - CVE-2026-5419: gnutlscipherdecrypt3: make PKCS7 unpadding...

CVE-2026-5549

A vulnerability was determined in Tenda AC10 16.03.10.10multiTDE01. Affected by this issue is some unknown functionality of the file /webrootro/pem/privkeySrv.pem of the component RSA 2048-bit Private Key Handler. Executing a manipulation can lead to use of hard-coded cryptographic key . The atta...

PT-2024-22602 · Gnutls +10 · Gnutls +10

Name of the Vulnerable Software and Affected Versions: GnuTLS affected versions not specified Description: A flaw was found in GnuTLS, known as the Minerva attack, which is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In...

Toxssin - An XSS Exploitation Command-Line Interface And Payload Generator

toxssin is an open-source penetration testing tool that automates the process of exploiting Cross-Site Scripting XSS vulnerabilities. It consists of an https server that works as an interpreter for the traffic generated by the malicious JavaScript payload that powers this tool toxin.js. This...

Information Disclosure

ansible is vulnerable to information disclosure. The nolog feature is not enabled by default and confidential information such as the authkey and privkey are logged to the console...

CVE-2014-4526

Multiple cross-site scripting XSS vulnerabilities in callback.php in the efence plugin 1.3.2 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 message, 2 zoneid, 3 pubKey, or 4 privKey parameter...