Lucene search
K

2252 matches found

Fedora
Fedora
added 3 days ago8 views

[SECURITY] Fedora 44 Update: p11-kit-0.26.4-1.fc44

p11-kit provides a way to load and enumerate PKCS11 modules, as well as a standard configuration setup for installing PKCS11 modules in such a way that they're discoverable...

6.2CVSS6.1AI score0.00137EPSS
Exploits0
NVD
NVD
added 2026/07/07 2:16 p.m.8 views

CVE-2026-44938

A vulnerability has been identified in Fleet's agent-side deployer, which did not filter security-sensitive keys from namespaceLabels in fleet.yaml or BundleDeployment.spec.options.namespaceLabels when applying them to the target namespace. An attacker with git push access to a Fleet-monitored...

8.8CVSS0.00508EPSS
Exploits0References2
CVE
CVE
added 2026/07/07 1:5 p.m.20 views

CVE-2026-44938

CVE-2026-44938 affects Fleet’s agent-side deployer, which did not filter security‑sensitive keys from namespaceLabels when applying them to a target namespace. An attacker with git push access to a Fleet-monitored repo could overwrite Pod Security Standards (PSS) enforcement labels, weakening adm...

8.8CVSS5.9AI score0.00508EPSS
Exploits0References2
Fedora
Fedora
added 2026/07/04 1:7 a.m.8 views

[SECURITY] Fedora 43 Update: pdns-5.0.6-1.fc43

The PowerDNS Nameserver is a modern, advanced and high performance authoritative-only name server. It is written from scratch and conforms to all relevant DNS standards documents. Furthermore, PowerDNS interfaces with almost any database...

4.3CVSS5.9AI score0.00479EPSS
Exploits0
Chainguard
Chainguard
added 2026/07/02 2:16 p.m.10 views

CVE-2026-42295 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-fips, kubeflow-pipelines-driver-fips, argo-workflows, kubeflow-pipelines, argo-workflows-fips...

8.5CVSS6.1AI score0.00357EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2026/07/01 8:57 p.m.7 views

Rancher has Privilege Escalation from Project Owner to Host

Impact A vulnerability has been identified in Rancher Manager that allows users assigned the Project Owner role to modify Pod Security Admission PSA labels on namespaces within their projects. Under the default role configuration, an attacker with the following access pattern can exploit this...

9.4CVSS5.8AI score0.00319EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/07/01 8:35 p.m.5 views

GHSA-864G-863M-VCVQ Fleet has PSS Bypass through addLabelsFromOptions in Fleet Agent

Impact A vulnerability has been identified in Fleet's agent-side deployer, which did not filter security-sensitive keys from namespaceLabels in fleet.yaml or BundleDeployment.spec.options.namespaceLabels when applying them to the target namespace. An attacker with git push access to a...

8.8CVSS5.8AI score0.00508EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/07/01 8:35 p.m.14 views

Fleet has PSS Bypass through addLabelsFromOptions in Fleet Agent

Impact A vulnerability has been identified in Fleet's agent-side deployer, which did not filter security-sensitive keys from namespaceLabels in fleet.yaml or BundleDeployment.spec.options.namespaceLabels when applying them to the target namespace. An attacker with git push access to a...

8.8CVSS5.8AI score0.00508EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/29 6:44 p.m.23 views

CVE-2026-13757

CVE-2026-13757 affects p11-kit. The RPC attribute parsing functions p11_rpc_message_get_attribute() and p11_rpc_message_get_attribute_array_value() can form a mutually-recursive call chain with no recursion depth limit when handling nested CKA_WRAP_TEMPLATE, CKA_UNWRAP_TEMPLATE, and CKA_DERIVE_TE...

6.2CVSS5.8AI score0.00137EPSS
Exploits0References5Affected Software3
RedHat Linux
RedHat Linux
added 2026/06/29 3:13 p.m.5 views

gnutls: gnutls: Information disclosure via heap overread in RSA key exchange

A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure...

8.2CVSS5.8AI score0.00727EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/29 2:54 a.m.5 views

gnutls: gnutls: Information disclosure via heap overread in RSA key exchange

A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure...

8.2CVSS5.8AI score0.00727EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/29 2:40 a.m.6 views

gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling

A flaw was found in gnutls. An off-by-one error exists in the PKCS12 bag element bounds check. This vulnerability allows an remote attacker to write past the internal array of a PKCS12 bag when appending to a bag that already contains 32 elements. This memory corruption could lead to a denial of...

5.3CVSS5.8AI score0.00727EPSS
Exploits0References5
Chainguard
Chainguard
added 2026/06/27 2:16 a.m.9 views

GHSA-W6C6-C85G-MMV6 vulnerabilities

Vulnerabilities for packages: ko-fips, slsa-verifier, trivy, ratify, trivy-operator, cloudbeat-fips, kubescape-server, trivy-fips, commercial-kyverno, crossplane-fips, cloudbeat, kubescape, kyverno-fips, ratify-fips, trivy-operator-fips, policy-controller-fips, commercial-chainloop-backend,...

6.1AI score
Exploits0
OSV
OSV
added 2026/06/25 10:18 p.m.3 views

GHSA-W879-237Q-WC7R golang.org/x/crypto: Invoking pathological RSA/DSA parameters may cause DoS

The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This could be triggered by unauthenticated clients during public...

7.5CVSS6.4AI score0.00415EPSS
Exploits0References34
OSV
OSV
added 2026/06/25 10:17 p.m.4 views

DEBIAN-CVE-2026-6329

PKCS12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS12 verify path compared the locally computed HMAC against the MAC parsed from the PKCS12 structure using a length taken directly fr...

6.5CVSS5.8AI score0.0016EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 10:17 p.m.4 views

UBUNTU-CVE-2026-7511

PKCS7verify signer confusion allows forged signatures, where the signer associated with a signature is not correctly bound, permitting a forged signature to be accepted...

7.5CVSS5.7AI score0.00171EPSS
Exploits0References5
NVD
NVD
added 2026/06/25 9:16 p.m.14 views

CVE-2026-6681

The PKCS7 decode path ignores the caller-supplied output buffer size outputSz, allowing decoded content to be written past the bounds of the provided buffer. This affects wolfSSL 5.9.0 and earlier and was fixed in the 5.9.1 release...

5.3CVSS0.00256EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/25 9:2 p.m.8 views

CVE-2026-6329

PKCS12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS12 verify path compared the locally computed HMAC against the MAC parsed from the PKCS12 structure using a length taken directly fr...

6.5CVSS5.8AI score0.0016EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/06/25 9:2 p.m.7 views

CVE-2026-6329

PKCS12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS12 verify path compared the locally computed HMAC against the MAC parsed from the PKCS12 structure using a length taken directly fr...

6.5CVSS5.8AI score0.0016EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 8:38 p.m.9 views

EUVD-2026-39560

Certificate policy and RFC 8446 compliance concerns regarding the continued acceptance of SHA-1/MD5 in certificate processing...

2.3CVSS5.8AI score0.00074EPSS
Exploits0References2
Rows per page
Query Builder