5 matches found
CVE-2026-55952
The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler. In tlshandshake13:handlepresharedkey/3, an OfferedPreSharedKeys record with a...
EUVD-2026-41412
The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler. In tlshandshake13:handlepresharedkey/3, an OfferedPreSharedKeys record with a...
EUVD-2018-12784
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2022-34009
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Fossil 2.18 on Windows allows attackers to cause a denial of service daemon crash via an XSS payload in a ticket. This occurs because the ticket data is stored ...
krb5: Reachable assertion in the KDC using S4U2Self requests
A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 aka krb5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type single-DES, triple-DES, or RC4, the attacker can crash the KDC by making an S4U2Self request...