Lucene search
K

23 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/29 12:0 a.m.2 views

openSUSE 16 Security Update : salt (openSUSE-SU-2026:20412-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20412-1 advisory. Changes in salt: - Security issues fixed: CVE-2025-67724: fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: fixed Do...

7.5CVSS7.1AI score0.01525EPSS
Exploits0References14
OpenVAS
OpenVAS
added 2026/03/27 12:0 a.m.6 views

SUSE: Security Advisory (SUSE-SU-2026:1028-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.01525EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2026/03/27 12:0 a.m.7 views

SUSE: Security Advisory (SUSE-SU-2026:1029-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.01525EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/03/26 12:0 a.m.4 views

SUSE SLES15: python311-salt / salt / salt-api / salt-bash-completion / salt-doc / etc (SUSE-SU-2026:1030-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1030-1 advisory. - Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious...

7.5CVSS7.1AI score0.01525EPSS
Exploits0References16
SUSE Linux
SUSE Linux
added 2026/03/25 10:17 a.m.7 views

Security update for salt

This update for salt fixes the following issues: Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...

8.7CVSS5.8AI score0.01525EPSS
Exploits0References22
SUSE Linux
SUSE Linux
added 2026/03/25 10:16 a.m.5 views

Security update for salt

This update for salt fixes the following issues: Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...

8.7CVSS5.8AI score0.01525EPSS
Exploits0References24
SUSE Linux
SUSE Linux
added 2026/03/25 10:15 a.m.4 views

Security update for salt

This update for salt fixes the following issues: Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...

8.7CVSS5.8AI score0.01525EPSS
Exploits0References24
SUSE Linux
SUSE Linux
added 2026/02/25 9:15 a.m.4 views

Security update for python-tornado

This update for python-tornado fixes the following issues: CVE-2025-67725: inefficient algorithm when parsing parameters for HTTP header values bsc1254905. CVE-2025-67726: Denial of Service DoS via maliciously crafted HTTP request caused by the HTTPHeaders.add method bsc1254904. Patch Instruction...

8.7CVSS5.4AI score0.00396EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/02/11 12:0 a.m.6 views

RHEL 8 : pcs (RHSA-2026:2469)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2469 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: tornado: Tornado...

8.2CVSS5.8AI score0.01535EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/02/02 12:0 a.m.5 views

Alibaba Cloud Linux 3 : 0020: pcs (ALINUX3-SA-2026:0020)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0020 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-67725: Tornado is a Python web...

7.5CVSS5.7AI score0.00396EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2026/02/02 12:0 a.m.5 views

Debian: Security Advisory (DLA-4461-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.8AI score0.00396EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/28 12:0 a.m.5 views

MiracleLinux 8 : pcs-0.10.18-2.el8_10.8.ML.1 (AXSA:2026-089:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-089:01 advisory. tornado: Tornado Quadratic DoS via Repeated Header Coalescing CVE-2025-67725 tornado: Tornado Quadratic DoS via Crafted Multipart Parameters...

7.5CVSS6AI score0.00396EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2026/01/26 12:0 a.m.3 views

SUSE: Security Advisory (SUSE-SU-2026:0222-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.9AI score0.00396EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/23 12:0 a.m.3 views

RockyLinux 8 : pcs (RLSA-2026:0930)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0930 advisory. tornado: Tornado Quadratic DoS via Repeated Header Coalescing CVE-2025-67725 tornado: Tornado Quadratic DoS via Crafted Multipart Parameters CVE-2025-677...

7.5CVSS5.6AI score0.00396EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.8 views

RHEL 8 : pcs (RHSA-2026:0930)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0930 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: tornado: Tornado...

7.5CVSS5.7AI score0.00396EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

SUSE SLES16 Security Update : python-tornado6 (SUSE-SU-2026:20028-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:20028-1 advisory. - CVE-2025-67724: unescaped reason argument used in HTTP headers and in HTML default error pages can be used by attackers to launc...

7.5CVSS7.1AI score0.00396EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.4 views

openSUSE 16 Security Update : python-tornado6 (openSUSE-SU-2026:20015-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20015-1 advisory. - CVE-2025-67724: unescaped reason argument used in HTTP headers and in HTML default error pages can be used by attackers to launch header...

7.5CVSS7.1AI score0.00396EPSS
Exploits0References9
Ubuntu
Ubuntu
added 2026/01/08 6:39 p.m.6 views

USN-7950-1: Tornado vulnerabilities

It was discovered that Tornado incorrectly handled special characters in HTTP headers. An attacker could possibly use this issue to execute a cross- site scripting XSS attack. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 25.04, and Ubuntu 25.10...

7.5CVSS5.8AI score0.00396EPSS
Exploits0
OSV
OSV
added 2026/01/08 6:39 p.m.7 views

USN-7950-1 python-tornado vulnerabilities

It was discovered that Tornado incorrectly handled special characters in HTTP headers. An attacker could possibly use this issue to execute a cross- site scripting XSS attack. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 25.04, and Ubuntu 25.10...

7.5CVSS6.1AI score0.00396EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/06 12:0 a.m.1 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-tornado6 (SUSE-SU-2026:0010-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0010-1 advisory. - CVE-2025-67724: unescaped reason argument used in HTTP headers and in HTML default error pages...

7.5CVSS7.1AI score0.00396EPSS
Exploits0References10
Rows per page
Query Builder