Lucene search
K

15 matches found

OSV
OSV
added 2026/06/18 3:51 p.m.9 views

ROOT-APP-GOBINARY-CVE-2026-29785 CVE-2026-29785 in rootio-github.com/nats-io/nats-server/v2 - Patched by Root

Root has patched CVE-2026-29785 in the rootio-github.com/nats-io/nats-server/v2 package for Root:Go. Multiple fixed versions available...

7.5CVSS6.3AI score0.00658EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.10 views

Photon OS 5.0: Telegraf PHSA-2026-5.0-0841

An update of the telegraf package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0841. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

8.6CVSS5.8AI score0.00658EPSS
Exploits0References5
CBLMariner
CBLMariner
added 2026/04/09 10:23 p.m.10 views

CVE-2026-29785 affecting package telegraf for versions less than 1.31.0-18

CVE-2026-29785 affecting package telegraf for versions less than 1.31.0-18. A patched version of the package is available...

7.5CVSS6.4AI score0.00658EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/26 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-29785

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.14 and 2.12.5, if the nats-server has the...

7.5CVSS6.4AI score0.00658EPSS
Exploits0References3
Chainguard
Chainguard
added 2026/03/25 7:17 p.m.5 views

CVE-2026-29785 vulnerabilities

Vulnerabilities for packages: nats-fips, k3s, nats-top, prometheus-nats-exporter, nats, prometheus-nats-exporter-fips, kine, rke2-runtime, rke2-runtime-fips, telegraf, milvus, nats-top-fips...

7.5CVSS6.4AI score0.00658EPSS
Exploits0
Circl
Circl
added 2026/03/25 7:16 p.m.4 views

CVE-2026-29785

creationtimestamp| type| source ---|---|--- 2026-03-25 19:16:30+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-29785 2026-03-25 21:01:50+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhvydsong52r 2026-03-26 21:40:09+00:00| seen|...

7.5CVSS5.9AI score0.00658EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-29785

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.0078EPSS
Exploits0References3
OSV
OSV
added 2025/06/02 11:15 a.m.2 views

DEBIAN-CVE-2025-29785

quic-go is an implementation of the QUIC protocol in Go. The loss recovery logic for path probe packets that was added in the v0.50.0 release can be used to trigger a nil-pointer dereference by a malicious QUIC client. In order to do so, the attacker first sends valid QUIC packets from different...

7.5CVSS5.5AI score0.00402EPSS
Exploits0References1
Circl
Circl
added 2025/06/02 11:11 a.m.12 views

CVE-2025-29785

creationtimestamp| type| source ---|---|--- 2025-06-02 11:11:12+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqmncgs2gxe2 2025-06-02 12:01:30+00:00| published-proof-of-concept| Telegram/rXYL1lXWkEU6X4s-B12vmJDiUkp3J5RpkWN8Rf8Wlc0XZWI...

7.5CVSS4.8AI score0.00402EPSS
Exploits0References1
OSV
OSV
added 2025/06/02 10:44 a.m.4 views

CVE-2025-29785 quic-go Has Panic in Path Probe Loss Recovery Handling

quic-go is an implementation of the QUIC protocol in Go. The loss recovery logic for path probe packets that was added in the v0.50.0 release can be used to trigger a nil-pointer dereference by a malicious QUIC client. In order to do so, the attacker first sends valid QUIC packets from different...

7.5CVSS6.6AI score0.00402EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/06/02 10:44 a.m.15 views

CVE-2025-29785 quic-go Has Panic in Path Probe Loss Recovery Handling

quic-go is an implementation of the QUIC protocol in Go. The loss recovery logic for path probe packets that was added in the v0.50.0 release can be used to trigger a nil-pointer dereference by a malicious QUIC client. In order to do so, the attacker first sends valid QUIC packets from different...

7.5CVSS5.3AI score0.00402EPSS
Exploits0References3
Circl
Circl
added 2022/01/20 10:12 p.m.9 views

CVE-2021-29785

creationtimestamp| type| source ---|---|--- 2022-01-20 22:12:03+00:00| seen| https://t.me/cibsecurity/35950...

5.9CVSS5.7AI score0.01299EPSS
Exploits0References1
OSV
OSV
added 2022/01/20 8:15 p.m.2 views

CVE-2021-29785

IBM Security SOAR V42 and V43could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID:...

5.9CVSS5.8AI score0.01299EPSS
Exploits0References2
CVE
CVE
added 2022/01/20 7:40 p.m.47 views

CVE-2021-29785

CVE-2021-29785 affects IBM Security SOAR. The root cause is the product’s failure to properly enable HTTP Strict-Transport-Security (HSTS) headers on some endpoints, which could allow an attacker to obtain sensitive information through man-in-the-middle techniques. IBM’s security bulletin confirm...

5.9CVSS5.4AI score0.01299EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/19 10:14 p.m.19 views

Security Bulletin: IBM® Security SOAR could be vulnerable to a downgrade attack because of missing Strict-Transport-Security headers for some endpoints (CVE-2021-29785).

Summary IBM® Security SOAR, is missing Strict-Transport-Security headers for some endpoints that help prevent HTTPS downgrade attacks. This is addressed by upgrading IBM Security SOAR to the latest build of v43.1. Vulnerability Details CVEID: CVE-2021-29785 DESCRIPTION: IBM Resilient could allow ...

5.9CVSS5.1AI score0.01299EPSS
Exploits0Affected Software1
Rows per page
Query Builder