
25 matches found

ATTACKERKB
added 2026/05/19 5:22 p.m. | 5 views

CVE-2026-32134

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In versions 0.24.10 and below, when NanoMQ handles high-concurrency reconnect traffic using a reconnect-collision payload, the broker can crash due to a NULL pointer dereference during MQTT session resumption for cleanstart=0...

CVSS 5.9 | AI score 5.7 | EPSS 0.00401
Exploits 0 | References 5 | Affected Software 2
Tenable Nessus
added 2026/04/10 12:0 a.m. | 1 views

Unity Linux 20.1060a / 20.1070a Security Update: grafana (UTSA-2026-007107)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007107 advisory. During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake...

CVSS 10 | AI score 5.9 | EPSS 0.00765
Exploits 1 | References 4
ATTACKERKB
added 2026/04/01 12:0 a.m. | 4 views

CVE-2026-34873

An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session...

AI score 5.9 | EPSS 0.00241
Exploits 0 | References 3
FreeBSD
added 2026/03/31 12:0 a.m. | 7 views

Mbed TLS -- vulnerabilities

https://mbed-tls.readthedocs.io/en/latest/security-advisories/ reports: Client impersonation while resuming a TLS 1.3 session CVE-2026-34873 Entropy on Linux can fall back to /dev/urandom CVE-2026-34871 PSA random generator cloning CVE-2026-25835 Compiler-induced constant-time violations...

CVSS 9.8 | AI score 5.9 | EPSS 0.00426
Exploits 0 | References 1
RedHat Linux
added 2026/03/19 2:8 p.m. | 4 views

Important: Red Hat Security Advisory: Kiali 2.17.5 for Red Hat OpenShift Service Mesh 3.2

Kiali 2.17.5 for Red Hat OpenShift Service Mesh 3.2 This update has a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Kiali 2.17.5, for Re...

CVSS 10 | AI score 7.2 | EPSS 0.00789
Exploits 1 | References 6
Tenable Nessus
added 2026/03/04 12:0 a.m. | 7 views

MiracleLinux 9 : podman-5.6.0-14.el9_7 (AXSA:2026-238:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-238:04 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: archive/zip: Excessive CP...

CVSS 10 | AI score 6 | EPSS 0.00789
Exploits 4 | References 5
OSV
added 2026/03/03 12:38 p.m. | 4 views

SUSE-SU-2026:0760-1 Security update for go1.25-openssl

This update for go1.25-openssl fixes the following issues: Update to version 1.25.7. Security issues fixed: - CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. - CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated...

CVSS 10 | AI score 6 | EPSS 0.00765
Exploits 1 | References 5
Rockylinux
added 2026/02/26 8:45 p.m. | 9 views

skopeo security update

An update is available for skopeo. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The skopeo command lets you inspect images from container image registries, ge...

CVSS 10 | AI score 5.8 | EPSS 0.00789
Exploits 3
Tenable Nessus
added 2026/02/15 12:0 a.m. | 7 views

openSUSE 16 Security Update : go1.25 (openSUSE-SU-2026:20214-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20214-1 advisory. Update to version 1.25.7. Security issues fixed: - CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows for C code...

CVSS 10 | AI score 8.2 | EPSS 0.00765
Exploits 1 | References 7
SUSE Linux
added 2026/02/11 8:32 a.m. | 5 views

Security update for go1.25

This update for go1.25 fixes the following issues: Update to version 1.25.7. Security issues fixed: CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated session tick...

CVSS 9.6 | AI score 5.7 | EPSS 0.00765
Exploits 1 | References 10
OSV
added 2026/02/11 8:32 a.m. | 2 views

SUSE-SU-2026:0427-1 Security update for go1.25

This update for go1.25 fixes the following issues: Update to version 1.25.7. Security issues fixed: - CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. - CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated session...

CVSS 10 | AI score 5.9 | EPSS 0.00765
Exploits 1 | References 6
EUVD
added 2025/10/07 12:30 a.m. | 0 views

EUVD-2017-16491

Malware in sbrugna...

CVSS 7.5 | AI score 6.2 | EPSS 0.01862
Exploits 0 | References 8
Tenable Nessus
added 2025/08/30 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2023-41337

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. In version 2.3.0-beta2 and prior, when h2o is configured to listen to multiple addresses or...

CVSS 6.7 | AI score 6.7 | EPSS 0.00181
Exploits 0 | References 3
BDU FSTEC
added 2024/08/15 12:0 a.m. | 3 views

The vulnerability of the Junos OS Evolved operating system, related to deficiencies in access control, allows a perpetrator to resume an earlier session and gain access to the user account.

The vulnerability of the Junos OS Evolved operating system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to resume a previous session and gain access to the user account...

CVSS 7.2 | AI score 5.5 | EPSS 0.00216
Exploits 0 | References 5 | Affected Software 1
GithubExploit
added 2024/08/03 2:40 p.m. | 319 views

Exploit for Cross-site Scripting in Bdtask Multi_Store_Inventory_Management_System

CVE-2024-2997 Scanner...

CVSS 5.4 | AI score 4.2 | EPSS 0.01215
Exploits 6
OSV
added 2024/07/10 11:15 p.m. | 2 views

CVE-2024-39512

An Improper Physical Access Control vulnerability in the console port control of Juniper Networks Junos OS Evolved allows an attacker with physical access to the device to get access to a user account. When the console cable is disconnected, the logged in user is not logged out. This allows a...

CVSS 7 | AI score 5.8
Exploits 0 | References 1
Positive Technologies
added 2024/06/25 12:0 a.m. | 3 views

PT-2024-5561 · Juniper Networks · Junos Evolved

Name of the Vulnerable Software and Affected Versions: Junos OS Evolved versions 23.2R2-EVO through 23.2R2-S1-EVO Junos OS Evolved versions 23.4R1-EVO through 23.4R2-EVO Description: An issue in the console port control of Juniper Networks Junos OS Evolved allows an attacker with physical access ...

CVSS 7.2 | AI score 7.4 | EPSS 0.00216
Exploits 0 | References 9
SUSE CVE
added 2023/02/15 5:12 a.m. | 2 views

SUSE CVE-2015-8036

Heap-based buffer overflow in ARM mbed TLS formerly PolarSSL 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service client crash and possibly execute arbitrary code via a long session ticket name to the session ticket extension, which is not properly handl...

CVSS 6.8 | AI score 7.7 | EPSS 0.02877
Exploits 0 | References 3
Mageia
added 2022/03/21 8:18 p.m. | 25 views

Updated stunnel packages fix security vulnerability

Update to 5.62 including new features and bugfixes: Security bugfixes - The "redirect" option was fixed to properly handle unauthenticated requests bsc1182529. - Fixed a double free with OpenSSL older than 1.1.0. - Added hardening to systemd service bsc1181400. New features - Added new...

AI score 1.9
Exploits 0 | References 3
OSV
added 2020/10/16 9:15 p.m. | 4 views

CVE-2020-1666

The system console configuration option 'log-out-on-disconnect' in Juniper Networks Junos OS Evolved fails to log out an active CLI session when the console cable is disconnected. This could allow a malicious attacker with physical access to the console the ability to resume a previous interactiv...

CVSS 6.6 | AI score 6.6 | EPSS 0.00324
Exploits 0 | References 1