487 matches found
Security Bulletin: Multiple vulnerabilities affect IBM Cloud Pak System
Summary Multiple vulnerabilities affect IBM Cloud Pak System. These vulnerabilties have been addressed with IBM Cloud Pak System 2.3.5.1. Vulnerability Details CVEID:CVE-2025-9230 DESCRIPTION: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption c...
RLSA-2026:30844 Moderate: mod_md security update
This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal. Security Fixes: httpd:...
ALSA-2026:30845 Moderate: mod_md security update
This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal. Security Fixes: httpd:...
GO-2026-5564 Open Cluster Management (OCM): Cross-cluster privilege escalation via improper Kubernetes client certificate renewal validation in open-cluster-management.io/ocm
Open Cluster Management OCM: Cross-cluster privilege escalation via improper Kubernetes client certificate renewal validation in open-cluster-management.io/ocm...
GO-2026-5526 OpenBao's Token Store Allows Cross-Namespace Renewal, Revocation in github.com/openbao/openbao
OpenBao's Token Store Allows Cross-Namespace Renewal, Revocation in github.com/openbao/openbao...
GO-2026-5304 OpenBao: Cross-namespace lease revocation/renewal via canonical sys/leases/{revoke,renew} — incomplete fix of CVE-2026-45808 in github.com/openbao/openbao
OpenBao: Cross-namespace lease revocation/renewal via canonical sys/leases/revoke,renew — incomplete fix of CVE-2026-45808 in github.com/openbao/openbao...
GO-2026-5213 OpenBao's Certificate Authentication Allows Token Renewal With Different Certificate in github.com/openbao/openbao
OpenBao's Certificate Authentication Allows Token Renewal With Different Certificate in github.com/openbao/openbao...
CVE-2026-56113
A flaw was found in dhcpcd. An unauthenticated attacker on the same network link can exploit this vulnerability by sending a specially crafted DHCPv6 RENEW reply. This can lead to a Denial of Service DoS, causing the dhcpcd daemon to crash due to a heap use-after-free vulnerability...
CVE-2026-56113
dhcpcd through 10.3.2, fixed in commit 5733d3c, contains a heap use-after-free vulnerability that allows unauthenticated same-link attackers to crash the daemon by sending a crafted DHCPv6 RENEW reply with RFC6603 OPTIONPDEXCLUDE and both preferred and valid lifetimes set to zero. Attackers actin...
CVE-2026-56113
dhcpcd through 10.3.2, fixed in commit 5733d3c, contains a heap use-after-free vulnerability that allows unauthenticated same-link attackers to crash the daemon by sending a crafted DHCPv6 RENEW reply with RFC6603 OPTIONPDEXCLUDE and both preferred and valid lifetimes set to zero. Attackers actin...
PT-2026-51562
Name of the Vulnerable Software and Affected Versions dhcpcd versions prior to 10.3.3 Description A heap use-after-free issue exists where unauthenticated attackers on the same link can crash the daemon. This occurs when a crafted DHCPv6 RENEW reply is sent containing an RFC6603 OPTION PD EXCLUDE...
unbound: Unbound: Denial of Service due to degraded resolution performance in jostle logic
A flaw was found in Unbound. An adversary who can query a vulnerable Unbound instance and control a slow or malicious domain name server can exploit a vulnerability in the jostle logic. This flaw allows retransmitted queries to renew the age of slow-running queries, preventing them from being...
Astra Linux – Vulnerability in Linux
The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP does not require that all fragments of a frame be encrypted with the same key. An adversary can exploit this weakness to decrypt selected fragments when another device sends fragmented...
[SECURITY] Fedora 43 Update: mod_md-2.6.11-2.fc43
This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal...
[SECURITY] Fedora 44 Update: mod_md-2.6.11-2.fc44
This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal...
The Latest Push to Extend Key US Spy Powers Is Still a Mess
A US surveillance program that lets the FBI view Americans’ communications without a warrant is up for renewal. A new bill aims to address mounting lawmaker concerns—with smoke and mirrors...
GHSA-P49J-V9WC-WG57 OpenBao's Token Store Allows Cross-Namespace Renewal, Revocation
Impact OpenBao's namespaces provide multi-tenant separation. A tenant who leaks token accessors can have their token revoked or renewed by a privileged administrator in another tenant. Patches This was addressed in v2.5.3...
EUVD-2026-24029
OpenBao's Certificate Authentication Allows Token Renewal With Different Certificate...
OpenBao's Certificate Authentication Allows Token Renewal With Different Certificate
Background OpenBao's Certificate authentication method, when a token renewal is requested and disablebinding=true is set, attempts to verify the current request's presented mTLS certificate matches the original. Token renewals for other authentication methods do not require any supplied login...
GHSA-7CCV-RP6M-RFFR OpenBao's Certificate Authentication Allows Token Renewal With Different Certificate
Background OpenBao's Certificate authentication method, when a token renewal is requested and disablebinding=true is set, attempts to verify the current request's presented mTLS certificate matches the original. Token renewals for other authentication methods do not require any supplied login...