CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

97 matches found

HSEC-2026-0008 crypton-x509-validation and crypton-x509 do not enforce X.509 Name Constraints

crypton-x509-validation and crypton-x509 do not enforce X.509 Name Constraints The crypton-x509-validation and crypton-x509 libraries did not enforce the X.509 Name Constraints extension during certificate validation. The Name Constraints extension is a critical X.509 extension that restricts the...

5.9AI score

Exploits0References2

IBM Security Bulletins•added 2026/03/31 3:38 a.m.•7 views

Security Bulletin: Vulnerability in IBM Java, Websphere, OpenSSL, libcurl, and Apache Commons may affect IBM Storage Protect Backup-Archive Client, IBM Storage Protect for Virtual Environments and IBM Storage Protect for Space Management

Summary IBM Spectrum Protect Backup-Archive Client, IBM Storage Protect for Virtual Environments and IBM Storage Protect for Space Management can be affected by logging and security vulnerabilities. This update improves reliability of Java object property handling, modern logging frameworks and...

7.5CVSS7.8AI score0.14258EPSS

Exploits0Affected Software3

UbuntuCve•added 2026/03/24 3:16 a.m.•1 views

CVE-2026-33308

Modgnutls is a TLS module for Apache HTTPD based on GnuTLS. Prior to version 0.13.0, code for client certificate verification did not check the key purpose as set in the Extended Key Usage extension. An attacker with access to the private key for a valid certificate issued by a CA trusted for TLS...

6.8CVSS5.8AI score0.00016EPSS

Exploits0References2

OSV•added 2026/02/26 8:45 p.m.•3 views

RLSA-2026:3337 Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted...

7.5CVSS5.7AI score0.00045EPSS

Exploits4References5

OSV•added 2026/02/26 8:45 p.m.•3 views

RLSA-2026:3298 Important: buildah security update

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...

7.5CVSS5.6AI score0.00045EPSS

Exploits3References4

RedHat Linux•added 2026/02/25 11:48 a.m.•4 views

Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

10CVSS6.7AI score0.00045EPSS

Exploits4References5

OSV•added 2026/01/22 12:53 p.m.•1 views

SUSE-SU-2026:20122-1 Security update for go1.24

This update for go1.24 fixes the following issues: Update to go1.24.12 released 2026-01-15 bsc1236217 Security fixes: - CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect encryption level bsc1256821. - CVE-2025-68119: cmd/go: unexpected code execution when invoking...

10CVSS6.4AI score0.00045EPSS

Exploits2References14

SUSE Linux•added 2026/01/22 12:14 p.m.•3 views

Security update for go1.24

This update for go1.24 fixes the following issues: Update to go1.24.12 released 2026-01-15 bsc1236217 Security fixes: CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect encryption level bsc1256821. CVE-2025-68119: cmd/go: unexpected code execution when invoking...

7.6CVSS6.4AI score0.00045EPSS

Exploits2References26

RedhatCVE•added 2026/01/09 9:34 a.m.•5 views

CVE-2024-41270

An issue discovered in the RunHTTPServer function in Gorush v1.18.4 allows attackers to intercept and manipulate data due to use of deprecated TLS version...

9.1CVSS6.8AI score0.00114EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:29 a.m.•7 views

CVE-2023-50312

IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.2 could provide weaker than expected security for outbound TLS connections caused by a failure to honor user configuration. IBM X-Force ID: 274711...

6.5CVSS6.3AI score0.00032EPSS

Exploits0References1

OSV•added 2025/10/24 10:12 a.m.•1 views

SUSE-SU-2025:20885-1 Security update for kernel-livepatch-MICRO-6-0_Update_4

This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: - CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 - CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 - CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem...

7.8CVSS6.7AI score0.00106EPSS

Exploits1References19

OSV•added 2025/10/24 10:11 a.m.•0 views

SUSE-SU-2025:20903-1 Security update for kernel-livepatch-MICRO-6-0_Update_5

This update for kernel-livepatch-MICRO-6-0Update5 fixes the following issues: - CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 - CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 - CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem...

7.8CVSS6.6AI score0.00106EPSS

Exploits1References19