21 matches found
CVE-2026-41017
Apache Airflow's JWTRefreshMiddleware set the JWT auth cookie without the Secure flag, so deployments running the Airflow API server behind an HTTPS-terminating reverse proxy e.g. nginx / Envoy / a managed load balancer that terminates TLS and forwards plaintext to the API server, the default...
CVE-2026-41017
Apache Airflow's JWTRefreshMiddleware set the JWT auth cookie without the Secure flag, so deployments running the Airflow API server behind an HTTPS-terminating reverse proxy e.g. nginx / Envoy / a managed load balancer that terminates TLS and forwards plaintext to the API server, the default...
CVE-2026-41017
creationtimestamp| type| source ---|---|--- 2026-05-31 12:38:39+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mn5lhr4e5z23...
CVE-2025-41017
creationtimestamp| type| source ---|---|--- 2025-11-24 13:33:50+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m6ewvebqug2n 2025-11-24 15:05:47+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115605290787765122...
CVE-2022-41017
creationtimestamp| type| source ---|---|--- 2025-03-28 18:28:26+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9424...
Linux Distros Unpatched Vulnerability : CVE-2024-41017
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jfs: don't walk off the end of ealist Add a check before visiting the members of ea to make sure each ea stays within the ealist. CVE-2024-41017 Note that Nessu...
Ubuntu: Security Advisory (USN-7123-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-7088-5)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-7089-4)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-7100-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-7089-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-7089-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:2896-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2896-1 advisory. The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were...
Debian dsa-5747 : affs-modules-5.10.0-29-4kc-malta-di - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5747 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5747-1 [email protected] https://www.debian.org/securit...
Mageia: Security Advisory (MGASA-2024-0278)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2024-41017
In the Linux kernel, the following vulnerability has been resolved: jfs: don't walk off the end of ealist Add a check before visiting the members of ea to make sure each ea stays within the ealist...
CVE-2024-41017
A vulnerability was found in the Journaled File System JFS in the kernel code, which allows for out-of-bounds access when traversing the extended attribute list ealist. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product...
CVE-2022-41017
CVE-2022-41017 affects Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. Talos/NVD entries describe several stack-based buffer overflow vulnerabilities in the DetranCLI command parsing, specifically in the vpn basic protocol (l2tp|pptp) name WORD server WORD username WORD passsword WORD firmwall (on|of...
CVE-2021-41017
creationtimestamp| type| source ---|---|--- 2021-12-08 22:23:01+00:00| seen| https://t.me/cibsecurity/33639...
CVE-2021-41017
Multiple heap-based buffer overflow vulnerabilities in some web API controllers of FortiWeb 6.4.1, 6.4.0, and 6.3.0 through 6.3.15 may allow a remote authenticated attacker to execute arbitrary code or commands via specifically crafted HTTP requests...