1289 matches found
ServiceNow - Cross-Site Scripting
ServiceNow through San Diego Patch 4b and Patch 6 contains a cross-site scripting vulnerability in the logout functionality, which can enable an unauthenticated remote attacker to execute arbitrary JavaScript. id: CVE-2022-38463 info: name: ServiceNow - Cross-Site Scripting author: amanrawat...
crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries
A flaw was found in the crypto/x509 package of golang. This vulnerability allows a remote attacker to cause a Denial of Service DoS by presenting a specially crafted X.509 certificate with a large number of DNS Subject Alternative Name SAN entries. The certificate verification process, specifical...
skopeo security update
An update is available for skopeo. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The skopeo command lets you inspect images from container image registries, ge...
RLSA-2026:35832 Important: golang-github-openprinting-ipp-usb security update
HTTP reverse proxy, backed by IPP-over-USB connection to device. It enables driverless support for USB devices capable of using IPP-over-USB protocol. Security Fixes: net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME CVE-2026-33811 crypto/x509: golang: golang...
golang-github-openprinting-ipp-usb security update
An update is available for golang-github-openprinting-ipp-usb. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list HTTP reverse proxy, backed by IPP-over-USB...
RLSA-2026:34359 Important: opentelemetry-collector security update
Collector with the supported components for a Rocky Enterprise Software Foundation build of OpenTelemetry Security Fixes: github.com/prometheus/prometheus: Prometheus: Denial of Service via uncontrolled memory allocation in remote read endpoint CVE-2026-42154 github.com/prometheus/prometheus:...
opentelemetry-collector security update
An update is available for opentelemetry-collector. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Collector with the supported components for a Rocky Enterpris...
Fedora 43 : cpp-httplib (2026-1d4bd0354a)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-1d4bd0354a advisory. Update to 0.48.0 rhbz2481109 Security fixes - Complete the IP-host certificate identity fix from v0.47.0 for the Mbed TLS and wolfSSL backends. An...
crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries
A flaw was found in the crypto/x509 package of golang. This vulnerability allows a remote attacker to cause a Denial of Service DoS by presenting a specially crafted X.509 certificate with a large number of DNS Subject Alternative Name SAN entries. The certificate verification process, specifical...
crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application
A flaw was found in the crypto/x509 package within Go golang. When verifying a certificate chain, excluded DNS Domain Name System constraints are not correctly applied to wildcard DNS Subject Alternative Names SANs if the case of the SAN differs from the constraint. This oversight could allow an...
Important: Red Hat Security Advisory: gnutls and libtasn1 security update
An update for multiple packages is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...
Important: Red Hat Security Advisory: gnutls and libtasn1 security update
An update for multiple packages is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...
RHEL 9 : gnutls (RHSA-2026:32962)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:32962 advisory. The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such a...
CVE-2026-47778
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a structural flaw was identified in DefaultCertValidator::verifySubjectAltName where the extracted DNS SAN string is cast to a C-style string using .cstr before bei...
CVE-2026-10592
CVE-2026-10592 concerns certificates with wildcard DNS SANs (e.g., *.example.com) bypassing CA name-constraint checks. A wildcard SAN that should be rejected by the issuing CA’s permitted/excluded DNS name constraints could be accepted, enabling potential mis-issuance. The provided documents refe...
CVE-2026-10592
Certificates with wildcard DNS SANs e.g. .example.com bypassed CA name-constraint checks. A certificate with a wildcard DNS SAN that should be rejected by the issuing CA's permitted/excluded DNS name constraints could be accepted...
crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries
A flaw was found in the crypto/x509 package of golang. This vulnerability allows a remote attacker to cause a Denial of Service DoS by presenting a specially crafted X.509 certificate with a large number of DNS Subject Alternative Name SAN entries. The certificate verification process, specifical...
Hackers Claim to Leak Stolen Madison Square Garden Data
Plus: Gay bars in San Francisco using face scanners, France quits Palantir, Apple plans to change its private email, and more...
RHEL 10 : gnutls (RHSA-2026:26409)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26409 advisory. The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such ...
CVE-2026-9648
The CVE-2026-9648 affects the crypton-x509-validation (and related crypton-x509) libraries used in Haskell TLS stacks. The root cause is the failure to enforce X.509 NameConstraints, allowing a TLS client to accept SANs outside the issuing sub-CA’s permitted subtrees. This enables an attacker who...