Lucene search
K

42 matches found

Ubuntu
Ubuntu
added 2026/06/22 5:23 p.m.4 views

USN-8447-3: Google Guest Agent vulnerabilities

USN-8447-1 fixed vulnerabilities in Go Cryptography. This update provides the corresponding updates for Go Cryptography code embedded in Google Guest Agent. Original advisory details: It was discovered that Go Cryptography did not properly handle SSH global request responses. A remote attacker...

10CVSS6.2AI score0.00533EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.9 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS : Go Cryptography vulnerabilities (USN-8447-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8447-1 advisory. It was discovered that Go Cryptography did not properly handle SSH global request responses. ...

10CVSS6.3AI score0.00533EPSS
Exploits0References8
OSV
OSV
added 2026/06/18 8:5 p.m.5 views

USN-8447-2 lxd vulnerabilities

USN-8447-1 fixed vulnerabilities in Go Cryptography. This update provides the corresponding updates for Go Cryptography code embedded in LXD for CVE-2026-39830, CVE-2026-39833, CVE-2026-39834, and CVE-2026-42508. Original advisory details: It was discovered that Go Cryptography did not properly...

9.1CVSS5.8AI score0.00533EPSS
Exploits0References5
OSV
OSV
added 2026/06/17 1:43 p.m.6 views

USN-8447-1 golang-go.crypto vulnerabilities

It was discovered that Go Cryptography did not properly handle SSH global request responses. A remote attacker could possibly use this issue to cause a denial of service. CVE-2026-39830 It was discovered that Go Cryptography did not properly verify user presence when using FIDO/U2F security keys...

10CVSS5.7AI score0.00533EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

S2OPC OPC UA Toolkit 安全漏洞

S2OPC OPC UA Toolkit is an open-source development toolkit for OPC UA communication, developed by Systerel. The S2OPC OPC UA Toolkit contains a security vulnerability. This vulnerability stems from the CycloneCrypto encryption wrapper, where certificate revocation checks only consider the first...

5.6CVSS5.3AI score0.00108EPSS
Exploits0References1
Amazon
Amazon
added 2026/06/08 12:0 a.m.17 views

Important: docker

Issue Overview: The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This could be triggered by unauthenticated client...

10CVSS5.6AI score0.00533EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.13 views

Amazon Linux 2023 : containerd, containerd-stress (ALAS2023-2026-1784)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1784 advisory. An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected...

10CVSS7AI score0.00533EPSS
Exploits0References28
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.16 views

Amazon Linux 2 : containerd, --advisory ALAS2NITRO-ENCLAVES-2026-109 (ALASNITRO-ENCLAVES-2026-109)

The version of containerd installed on the remote host is prior to 2.1.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-109 advisory. An authenticated SSH client that repeatedly opened channels which were rejected by the server caused...

10CVSS7AI score0.00533EPSS
Exploits0References28
Amazon
Amazon
added 2026/06/08 12:0 a.m.10 views

Important: containerd

Issue Overview: An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection's internal state a...

10CVSS5.8AI score0.00533EPSS
Exploits0
Amazon
Amazon
added 2026/06/08 12:0 a.m.19 views

Important: containerd

Issue Overview: An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection's internal state a...

10CVSS5.7AI score0.00533EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.11 views

CVE-2026-42508

A flaw was found in golang.org/x/crypto/ssh/knownhosts. This vulnerability occurs because the system did not correctly check for the revocation status of a SignatureKey belonging to a Certificate Authority CA. A remote attacker could potentially exploit this by presenting a revoked key, leading t...

9.1CVSS5.4AI score0.00487EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.15 views

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-42508)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-42508 advisory. - Previously, a revoked 'SignatureKey' belonging to a CA was not correctly checked for revocatio...

9.1CVSS5.8AI score0.00487EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/26 12:59 p.m.14 views

Apache Tomcat: Apache Tomcat: Authentication bypass via client certificate misconfiguration

A flaw was found in Apache Tomcat where OCSP-based certificate validation may incorrectly soft-fail during CLIENTCERT authentication, even when soft-fail is disabled, under certain FFM-related execution paths. This can result in client certificates being accepted despite failed or unverifiable...

6.5CVSS5.9AI score0.00469EPSS
Exploits0References5
Snyk
Snyk
added 2026/04/15 10:16 a.m.6 views

LDAP Injection

Overview Affected versions of this package are vulnerable to LDAP Injection via the parseDN handling and the LDAP store helpers in X509LDAPCertStoreSpi and LDAPStoreHelper. An attacker can influence LDAP search filters by supplying a crafted X.500 subject or issuer string that is parsed into an...

7.3CVSS5.7AI score0.00527EPSS
Exploits0References2
NVD
NVD
added 2026/03/19 9:17 p.m.8 views

CVE-2026-4428

A logic error in CRL distribution point validation in AWS-LC before 1.71.0 causes partitioned CRLs to be incorrectly rejected as out of scope, which allows a revoked certificate to bypass certificate revocation checks. To remediate this issue, users should upgrade to AWS-LC 1.71.0 or...

9.1CVSS0.00252EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/19 8:37 p.m.13 views

EUVD-2026-13237

A logic error in CRL distribution point validation in AWS-LC before 1.71.0 causes partitioned CRLs to be incorrectly rejected as out of scope, which allows a revoked certificate to bypass certificate revocation checks. To remediate this issue, users should upgrade to AWS-LC 1.71.0 or...

9.1CVSS5.7AI score0.00252EPSS
Exploits0References2
OSV
OSV
added 2026/03/19 12:0 p.m.5 views

RUSTSEC-2026-0042 CRL Distribution Point Scope Check Logic Error in AWS-LC

A logic error in CRL distribution point matching in AWS-LC allows a revoked certificate to bypass revocation checks during certificate validation, when the application enables CRL checking and uses partitioned CRLs with Issuing Distribution Point IDP extensions. Customers of AWS services do not...

7.4CVSS5.9AI score0.00252EPSS
Exploits0References4
RustSec
RustSec
added 2026/03/19 12:0 p.m.9 views

CRL Distribution Point Scope Check Logic Error in AWS-LC

A logic error in CRL distribution point matching in AWS-LC allows a revoked certificate to bypass revocation checks during certificate validation, when the application enables CRL checking and uses partitioned CRLs with Issuing Distribution Point IDP extensions. Customers of AWS services do not...

9.1CVSS5.9AI score0.00252EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.6 views

PT-2026-26369

Summary AWS-LC is an open-source, general-purpose cryptographic library. Impact A logic error in CRL distribution point matching in AWS-LC allows a revoked certificate to bypass revocation checks during certificate validation, when the application enables CRL checking and uses partitioned CRLs wi...

9.1CVSS5.9AI score0.00252EPSS
Exploits0References16
SUSE Linux
SUSE Linux
added 2026/03/13 8:57 a.m.6 views

Security update for tomcat10

This update for tomcat10 fixes the following issues: Update to Tomcat 10.1.52: CVE-2025-66614: client certificate verification bypass due to virtual host mapping bsc1258371. CVE-2026-24733: improper input validation on HTTP/0.9 requests bsc1258385. CVE-2026-24734: certificate revocation bypass du...

8.7CVSS5.7AI score0.00498EPSS
Exploits0References12
Rows per page
Query Builder