83 matches found

Circl
added 2026/02/26 4:40 a.m. · 2 views

CVE-2026-2865

| creationtimestamp | type | source |
|---|---|---|
| 2026-02-26 04:40:10+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mfqevltij32w... |

CVSS 9.8 · AI score 4.8 · EPSS 0.00045
Exploits 1 · References 1

RedhatCVE
added 2026/01/09 10:15 a.m. · 5 views

CVE-2019-2865

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM...

CVSS 7.5 · AI score 6.5 · EPSS 0.00157
Exploits 0 · References 1

Tenable Nessus
added 2025/11/20 12:0 a.m. · 4 views

TencentOS Server 3: freeradius:3.0 (TSSA-2024:0764)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0764 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVSS 9 · AI score 7.9 · EPSS 0.22162
Exploits 2 · References 2

EUVD
added 2025/10/03 8:7 p.m. · 1 views

EUVD-2025-5924

Malicious code in bioql PyPI...

CVSS 7.5 · AI score 6.6 · EPSS 0.00194
Exploits 0 · References 3

Tenable Nessus
added 2025/08/24 12:0 a.m. · 0 views

Linux Distros Unpatched Vulnerability : CVE-2019-2865

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.2.32 and...

CVSS 7.5 · AI score 7.5 · EPSS 0.00157
Exploits 0 · References 2

RedhatCVE
added 2025/05/22 12:33 a.m. · 4 views

CVE-2014-2865

PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to bypass intended access restrictions via a '\0' character, as demonstrated by using this character within a pathname on the drive containing the web root directory of a ColdFusion installation...

CVSS 7.5 · AI score 7.1 · EPSS 0.00345
Exploits 0 · References 1

RedhatCVE
added 2025/03/30 1:41 p.m. · 9 views

CVE-2025-2865

SaTECH BCU, in its firmware version 2.1.3, could allow XSS attacks and other malicious resources to be stored on the web server. An attacker with some knowledge of the web application could send a malicious request to the victim users. Through this request, the victims would interpret the code...

CVSS 2.4 · AI score 6.3 · EPSS 0.00219
Exploits 0 · References 3

NVD
added 2025/03/28 2:15 p.m. · 4 views

CVE-2025-2865

SaTECH BCU, in its firmware version 2.1.3, could allow XSS attacks and other malicious resources to be stored on the web server. An attacker with some knowledge of the web application could send a malicious request to the victim users. Through this request, the victims would interpret the code...

CVSS 6.1 · EPSS 0.00219
Exploits 0 · References 1

Cvelist
added 2025/03/28 1:24 p.m. · 12 views

CVE-2025-2865 Reflected Cross-Site Scripting (XSS) vulnerability in saTECH BCU

SaTECH BCU, in its firmware version 2.1.3, could allow XSS attacks and other malicious resources to be stored on the web server. An attacker with some knowledge of the web application could send a malicious request to the victim users. Through this request, the victims would interpret the code...

CVSS 2.4 · EPSS 0.00219
Exploits 0 · References 1

Positive Technologies
added 2025/02/27 12:0 a.m. · 2 views

PT-2025-9021 · Draytek · Draytek Vigor 2862/2926 +9

Name of the Vulnerable Software and Affected Versions:
- Draytek Vigor 165/166 versions prior to 4.2.6
- Draytek Vigor 2620/LTE200 versions prior to 3.9.8.8
- Draytek Vigor 2860/2925 versions prior to 3.9.7
- Draytek Vigor 2862/2926 versions prior to 3.9.9.4
- Draytek Vigor 2133/2762/2832 versions prior to...

CVSS 7.5 · AI score 6.8 · EPSS 0.00107
Exploits 0 · References 6

Tenable Nessus
added 2024/09/09 12:0 a.m. · 46 views

F5 Networks BIG-IP : RADIUS authentication vulnerability (K000141008)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.6 / 17.1.2 / Hotfix-BIGIP-15.1.10.5.0.28.10-ENG.iso / Hotfix-BIGIP-16.1.5.1.0.13.7-ENG.iso / Hotfix-BIGIP-17.1.1.4.0.100.9-ENG.iso. It is, therefore, affected by a vulnerability as referenced in the K000141008...

CVSS 9 · AI score 8 · EPSS 0.22162
Exploits 2 · References 2

CNVD
added 2024/07/23 12:0 a.m. · 3 views

Unspecified Vulnerability in RADIUS Protocol under RFC 2865

RADIUS Protocol under RFC 2865 is an RFC open source networking protocol. A security vulnerability exists in RADIUS Protocol under RFC 2865, which can be exploited by an attacker to modify any valid response Access-Accept, Access-Reject, or Access-Challenge to any other response using a Choice...

CVSS 9 · AI score 7.1 · EPSS 0.22162
Exploits 2 · References 1

NVD
added 2024/07/09 12:15 p.m. · 46 views

CVE-2024-3596

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature...

CVSS 9 · EPSS 0.22162
Exploits 2 · References 13

OSV
added 2024/07/09 12:15 p.m. · 15 views

CVE-2024-3596

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature...

CVSS 9 · AI score 6.8
Exploits 0 · References 11

CVE
added 2024/07/09 12:2 p.m. · 4424 views

CVE-2024-3596

Summary: CVE-2024-3596 is a forgery vulnerability in RADIUS (RFC 2865) where a local attacker can modify a valid RADIUS response to another response using a chosen-prefix collision against MD5. The vulnerability is associated with FreeRADIUS and is covered in multiple advisories (ALAS/ALSA) confi...

CVSS 9 · AI score 6.4 · EPSS 0.22162
Exploits 2 · References 13 · Affected Software 1

Cvelist
added 2024/07/09 12:2 p.m. · 52 views

CVE-2024-3596 RADIUS Protocol under RFC2865 is vulnerable to forgery attacks.

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature...

EPSS 0.22162
Exploits 2 · References 8

Debian CVE
added 2024/07/09 12:2 p.m. · 42 views

CVE-2024-3596

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature...

CVSS 9 · AI score 8.4 · EPSS 0.22162
Exploits 2

Vulnrichment
added 2024/07/09 12:2 p.m. · 27 views

CVE-2024-3596 RADIUS Protocol under RFC2865 is vulnerable to forgery attacks.

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature...

AI score 6.8 · EPSS 0.22162
Exploits 2 · References 8

Tenable Nessus
added 2024/07/09 12:0 a.m. · 100 views

KB5040427: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (July 2024)

The remote Windows host is missing security update 5040427. It is, therefore, affected by multiple vulnerabilities - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any othe...

CVSS 9 · AI score 9.1 · EPSS 0.92959
Exploits 2 · References 71

Tenable Nessus
added 2024/07/09 12:0 a.m. · 62 views

KB5040438: Windows 11 version 22H2 / Windows Server version 23H2 Security Update (July 2024)

The remote Windows host is missing security update 5040438. It is, therefore, affected by multiple vulnerabilities - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any othe...

CVSS 9.8 · AI score 8 · EPSS 0.92959
Exploits 7 · References 83