CVE-2026-33845
- EPSS 0.81%
- Veröffentlicht 30.04.2026 17:41:34
- Zuletzt bearbeitet 07.07.2026 12:16:37
A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause inform...
CVE-2026-3832
- EPSS 0.72%
- Veröffentlicht 30.04.2026 17:41:28
- Zuletzt bearbeitet 24.06.2026 17:16:58
A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP...
CVE-2026-3833
- EPSS 0.57%
- Veröffentlicht 30.04.2026 17:37:05
- Zuletzt bearbeitet 30.06.2026 03:19:14
A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constraints within `excludedSubtrees` or `permittedSubtrees...
CVE-2026-7309
- EPSS 0.18%
- Veröffentlicht 28.04.2026 12:33:55
- Zuletzt bearbeitet 07.05.2026 02:16:00
A flaw was found in the OpenShift Container Platform build system. A user with the `edit` ClusterRole can inject arbitrary environment variables, such as `LD_PRELOAD` or `http_proxy`, into `docker-build` containers through the `buildconfigs/instantia...
CVE-2026-6732
- EPSS 0.63%
- Veröffentlicht 23.04.2026 22:19:34
- Zuletzt bearbeitet 30.06.2026 20:16:50
A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious d...
CVE-2026-6846
- EPSS 0.17%
- Veröffentlicht 22.04.2026 08:37:14
- Zuletzt bearbeitet 01.07.2026 13:17:51
A flaw was found in binutils. A heap-buffer-overflow vulnerability exists when processing a specially crafted XCOFF (Extended Common Object File Format) object file during linking. A local attacker could trick a user into processing this malicious fi...
CVE-2026-6844
- EPSS 0.1%
- Veröffentlicht 22.04.2026 08:37:09
- Zuletzt bearbeitet 20.05.2026 14:00:12
A flaw was found in the `readelf` utility of the binutils package. A local attacker could exploit two Denial of Service (DoS) vulnerabilities by providing a specially crafted Executable and Linkable Format (ELF) file. One vulnerability, a resource ex...
CVE-2026-6843
- EPSS 0.11%
- Veröffentlicht 22.04.2026 08:30:04
- Zuletzt bearbeitet 20.05.2026 14:10:44
A flaw was found in nano. A local user could exploit a format string vulnerability in the `statusline()` function. By creating a directory with a name containing `printf` specifiers, the application attempts to display this name, leading to a segment...
- EPSS 96.27%
- Veröffentlicht 22.04.2026 08:15:10
- Zuletzt bearbeitet 01.07.2026 17:30:58
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-pl...
- EPSS 0.14%
- Veröffentlicht 22.04.2026 07:54:19
- Zuletzt bearbeitet 02.07.2026 22:16:43
A flaw was found in binutils, specifically within the `readelf` utility. This vulnerability allows a local attacker to cause a Denial of Service (DoS) by tricking a user into processing a specially crafted Executable and Linkable Format (ELF) file. T...