
14 matches found

RedhatCVE
added 2025/12/18 11:36 p.m., 2 views

CVE-2025-68435

Zerobyte is a backup automation tool. Zerobyte versions prior to 0.18.5 and 0.19.0 contain an authentication bypass vulnerability where authentication middleware is not properly applied to API endpoints. This results in certain API endpoints being accessible without valid session credentials. This...

CVSS 9.1, AI score 7, EPSS 0.00363
Exploits: 0, References: 1
CVE
added 2025/12/17 11:10 p.m., 13 views

CVE-2025-68435

Zerobyte (backup automation tool) has an authentication bypass vulnerability affecting versions prior to 0.18.5 and 0.19.0, where authentication middleware is not properly applied to API endpoints, allowing access without valid session credentials. This exposure is risky for deployments exposed o...

CVSS 9.1, AI score 6.7, EPSS 0.00363
Exploits: 0, References: 3, Affected Software: 1
Vulnrichment
added 2025/12/17 11:10 p.m., 3 views

CVE-2025-68435 Zerobyte has Authentication Bypass by Primary Weakness

Zerobyte is a backup automation tool. Zerobyte versions prior to 0.18.5 and 0.19.0 contain an authentication bypass vulnerability where authentication middleware is not properly applied to API endpoints. This results in certain API endpoints being accessible without valid session credentials. This...

CVSS 9.1, AI score 6.7, EPSS 0.00363
Exploits: 0, References: 3
Cvelist
added 2025/12/17 11:10 p.m., 20 views

CVE-2025-68435 Zerobyte has Authentication Bypass by Primary Weakness

Zerobyte is a backup automation tool. Zerobyte versions prior to 0.18.5 and 0.19.0 contain an authentication bypass vulnerability where authentication middleware is not properly applied to API endpoints. This results in certain API endpoints being accessible without valid session credentials. This...

CVSS 9.1, EPSS 0.00363
Exploits: 0, References: 3
Positive Technologies
added 2025/12/17 12:0 a.m., 2 views

PT-2025-51980

Name of the Vulnerable Software and Affected Versions: Zerobyte versions prior to 0.18.5; Zerobyte versions prior to 0.19.0. Description: Zerobyte, a backup automation tool, has an issue where authentication middleware is not correctly applied to certain API endpoints. This allows access to these...

CVSS 9.1, AI score 6.9, EPSS 0.00363
Exploits: 0, References: 11
Tenable Nessus
added 2025/08/20 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2017-16228

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in th...

CVSS 10, AI score 7.2, EPSS 0.77823
Exploits: 10, References: 2
Positive Technologies
added 2023/08/24 12:0 a.m., 2 views

PT-2023-23589

Name of the Vulnerable Software and Affected Versions: Netmaker versions prior to 0.17.1; Netmaker versions 0.18.0 through 0.18.5. Description: An Insecure Direct Object Reference (IDOR) vulnerability was found in the user update function, allowing an attacker to update another user's password by...

CVSS 7.5, AI score 7, EPSS 0.00561
Exploits: 0, References: 11
vulnersOsv
added 2023/08/09 2:43 p.m., 2 views

4337-snap (>=0.1.0 <=0.1.1), @0xpolygonid/snap-example (=1.0.0-beta.9) +322 more potentially affected by CVE-2023-39532 via ses (>=0.18.4 <=0.18.5)

ses NPM version =0.18.4, =0.1.0, =1.0.1-beta.0, =1.0.0, =1.6.3, =0.2.3, =0.2.2, =0.3.3-20230923T000433-dev-63b1fb6.0, =0.4.3-20230923T000433-dev-63b1fb6.0, =0.10.4-20230923T000433-dev-63b1fb6.0, =0.16.3-20230923T000433-dev-63b1fb6.0, =0.10.4-mainnet1B-dev-b0c1f78.0, =0.16.2-mainnet1B-dev-b0c1f78....

CVSS 9.8, AI score 7.2, EPSS 0.01234
Exploits: 1
SUSE CVE
added 2023/02/15 4:37 a.m., 2 views

SUSE CVE-2017-16228

Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117...

CVSS 9.8, AI score 8.5, EPSS 0.03394
Exploits: 0, References: 7
OPENSUSE Linux
added 2018/08/06 3:16 p.m., 96 views

Security update for python-dulwich (moderate)

This update for python-dulwich to version 0.18.5 fixes this security issue: - CVE-2017-16228: Dulwich, when an SSH subprocess is used, allowed remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname bsc1066430. For detailed changes please see...

CVSS 7.5, AI score 3.5, EPSS 0.03394
Exploits: 0, References: 1
CNVD
added 2017/10/31 12:0 a.m., 1 views

Dulwich Arbitrary Command Execution Vulnerability

Dulwich is a Python implementation of the file format and protocols of the Git version control system developed by software developer Jelmer Vernooij. A security vulnerability exists in versions of Dulwich prior to 0.18.5. The vulnerability can be exploited by a remote attacker to execute arbitra...

CVSS 9.8, AI score 7.6, EPSS 0.03394
Exploits: 0, References: 1
PyPA
added 2017/10/29 8:29 p.m., 4 views

PYSEC-2017-12

Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117...

CVSS 9.8, AI score 7.8, EPSS 0.03394
Exploits: 0, References: 4, Affected Software: 1
Tenable Nessus
added 2017/10/03 12:0 a.m., 22 views

Fedora 26 : mingw-LibRaw (2017-cf9301d69e)

Update to version 0.18.5, see https://www.libraw.org/news/libraw-0-18-5 for details. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...

CVSS 9.8, AI score 7.2, EPSS 0.04336
Exploits: 0, References: 3
Fedora
added 2017/10/02 4:23 p.m., 34 views

[SECURITY] Fedora 26 Update: mingw-LibRaw-0.18.5-1.fc26

MinGW Windows LibRaw library...

CVSS 9.8, AI score 2.5, EPSS 0.04336
Exploits: 0