Ubuntu: Security Advisory (USN-8155-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-8155-1: OpenSSL vulnerabilities

Viktor Dukhovni discovered that OpenSSL incorrectly negotiated the expected preferred key exchange group when used as a TLS 1.3 server. This could result in a less preferred key exchange being used, contrary to expectations. This issue only affected Ubuntu 25.10. CVE-2026-2673 Igor Morgenstern...

CVE-2026-2673 vulnerabilities

Vulnerabilities for packages: openssl...

CVE-2026-2673 vulnerabilities

Vulnerabilities for packages: openssl, libcrypto3-2.34...

CVE-2026-2673

creationtimestamp| type| source ---|---|--- 2026-03-16 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0296/ 2026-03-22 18:21:36+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116274213394942220 2026-04-02 12:00:59+00:00| seen|...

SUSE CVE-2026-2673

Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword. Impact summary: A less preferred key exchange may be used even when a more preferred group is...

CVE-2026-2673

Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword. Impact summary: A less preferred key exchange may be used even when a more preferred group is...

CVE-2026-2673

Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword. Impact summary: A less preferred key exchange may be used even when a more preferred group is...

Linux Distros Unpatched Vulnerability : CVE-2026-2673

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the...

CGA-2673-WQJ5-5596

Bulletin has no description...

MiracleLinux 4 : gc-7.1-12.AXS4 (AXSA:2014-020:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-020:01 advisory. The Boehm-Demers-Weiser conservative garbage collector can be used as a garbage collecting replacement for C malloc or C++ new. Security issues fixed with thi...

CVE-2025-2673

creationtimestamp| type| source ---|---|--- 2025-03-24 01:40:54+00:00| seen| https://t.me/cvedetector/20925 2025-03-24 04:23:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ll3vwkcfbq2e...

CVE-2025-2673

A vulnerability classified as problematic has been found in code-projects Payroll Management System 1.0. Affected is an unknown function of the file /homeemployee.php. The manipulation of the argument division leads to cross site scripting. It is possible to launch the attack remotely. The exploi...

CVE-2025-2673 code-projects Payroll Management System home_employee.php cross site scripting

A vulnerability classified as problematic has been found in code-projects Payroll Management System 1.0. Affected is an unknown function of the file /homeemployee.php. The manipulation of the argument division leads to cross site scripting. It is possible to launch the attack remotely. The exploi...

CVE-2025-2673

CVE-2025-2673 affects Code-Projects Payroll Management System 1.0. The vulnerability is in an unknown function of the file /home_employee.php where manipulation of the argument division leads to cross-site scripting. It is exploitable remotely, and the exploit has been disclosed publicly. Other p...

Oracle Linux 7 : libxml2 (ELSA-2025-2673)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-2673 advisory. - Fix CVE-2024-56171 Orabug: 37694105 - Fix CVE-2025-24928 Orabug: 37694105 - Fix CVE-2016-4658 1966916 - Fix CVE-2019-19956 1793000 - Fix CVE-2019-203...

CVE-2024-2673

creationtimestamp| type| source ---|---|--- 2025-02-21 22:10:24+00:00| seen| Telegram/PkeWSDYDuaD1vtQCXjSQFumiB3YiNUHEGfRM-umiNEUAvqJd...

CVE-2020-2673

Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager component: Oracle Flow Builder. Supported versions that are affected are 12.5.0.3, 13.1.0.1, 13.2.0.1 and 13.3.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via...

CGA-J937-JH9M-2673

Bulletin has no description...

CVE-2024-2673 Campcodes Online Job Finder System login.php sql injection

A vulnerability classified as critical has been found in Campcodes Online Job Finder System 1.0. This affects an unknown part of the file /admin/login.php. The manipulation of the argument useremail leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...