Lucene search
K

17 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/29 12:0 a.m.2 views

openSUSE 16 Security Update : salt (openSUSE-SU-2026:20412-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20412-1 advisory. Changes in salt: - Security issues fixed: CVE-2025-67724: fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: fixed Do...

7.5CVSS7.1AI score0.01525EPSS
Exploits0References14
OpenVAS
OpenVAS
added 2026/03/27 12:0 a.m.6 views

SUSE: Security Advisory (SUSE-SU-2026:1028-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.01525EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2026/03/27 12:0 a.m.7 views

SUSE: Security Advisory (SUSE-SU-2026:1029-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.01525EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/03/26 12:0 a.m.4 views

SUSE SLES15: python311-salt / salt / salt-api / salt-bash-completion / salt-doc / etc (SUSE-SU-2026:1030-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1030-1 advisory. - Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious...

7.5CVSS7.1AI score0.01525EPSS
Exploits0References16
SUSE Linux
SUSE Linux
added 2026/03/25 10:17 a.m.7 views

Security update for salt

This update for salt fixes the following issues: Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...

8.7CVSS5.8AI score0.01525EPSS
Exploits0References22
SUSE Linux
SUSE Linux
added 2026/03/25 10:16 a.m.5 views

Security update for salt

This update for salt fixes the following issues: Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...

8.7CVSS5.8AI score0.01525EPSS
Exploits0References24
SUSE Linux
SUSE Linux
added 2026/03/25 10:15 a.m.4 views

Security update for salt

This update for salt fixes the following issues: Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...

8.7CVSS5.8AI score0.01525EPSS
Exploits0References24
SUSE Linux
SUSE Linux
added 2026/03/06 8:15 a.m.6 views

Security update for python-tornado

This update for python-tornado fixes the following issue: CVE-2025-67724: missing validation of the supplied reason phrase bsc1254903. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...

5.4CVSS5.8AI score0.00185EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2026/02/02 12:0 a.m.5 views

Debian: Security Advisory (DLA-4461-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.8AI score0.00396EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

SUSE SLES16 Security Update : python-tornado6 (SUSE-SU-2026:20028-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:20028-1 advisory. - CVE-2025-67724: unescaped reason argument used in HTTP headers and in HTML default error pages can be used by attackers to launc...

7.5CVSS7.1AI score0.00396EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.4 views

openSUSE 16 Security Update : python-tornado6 (openSUSE-SU-2026:20015-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20015-1 advisory. - CVE-2025-67724: unescaped reason argument used in HTTP headers and in HTML default error pages can be used by attackers to launch header...

7.5CVSS7.1AI score0.00396EPSS
Exploits0References9
Ubuntu
Ubuntu
added 2026/01/08 6:39 p.m.6 views

USN-7950-1: Tornado vulnerabilities

It was discovered that Tornado incorrectly handled special characters in HTTP headers. An attacker could possibly use this issue to execute a cross- site scripting XSS attack. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 25.04, and Ubuntu 25.10...

7.5CVSS5.8AI score0.00396EPSS
Exploits0
OSV
OSV
added 2026/01/08 6:39 p.m.7 views

USN-7950-1 python-tornado vulnerabilities

It was discovered that Tornado incorrectly handled special characters in HTTP headers. An attacker could possibly use this issue to execute a cross- site scripting XSS attack. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 25.04, and Ubuntu 25.10...

7.5CVSS6.1AI score0.00396EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/06 12:0 a.m.1 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-tornado6 (SUSE-SU-2026:0010-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0010-1 advisory. - CVE-2025-67724: unescaped reason argument used in HTTP headers and in HTML default error pages...

7.5CVSS7.1AI score0.00396EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2026/01/06 12:0 a.m.5 views

SUSE: Security Advisory (SUSE-SU-2026:0010-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.00396EPSS
Exploits0References6
SUSE Linux
SUSE Linux
added 2026/01/05 10:27 a.m.4 views

Security update for python-tornado6

This update for python-tornado6 fixes the following issues: CVE-2025-67724: unescaped reason argument used in HTTP headers and in HTML default error pages can be used by attackers to launch header injection or XSS attacks bsc1254903. CVE-2025-67725: quadratic complexity of string concatenation...

8.7CVSS6.2AI score0.00396EPSS
Exploits0References12
OSV
OSV
added 2025/12/12 6:15 a.m.1 views

DEBIAN-CVE-2025-67724

Tornado is a Python web framework and asynchronous networking library. In versions 6.5.2 and below, the supplied reason phrase is used unescaped in HTTP headers where it could be used for header injection or in HTML in the default error page where it could be used for XSS and can be exploited by...

6.1CVSS5.3AI score0.00185EPSS
Exploits0References1
Rows per page
Query Builder