Lucene search
K

27 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/29 12:0 a.m.2 views

openSUSE 16 Security Update : salt (openSUSE-SU-2026:20412-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20412-1 advisory. Changes in salt: - Security issues fixed: CVE-2025-67724: fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: fixed Do...

7.5CVSS7.1AI score0.01525EPSS
Exploits0References14
OpenVAS
OpenVAS
added 2026/03/27 12:0 a.m.7 views

SUSE: Security Advisory (SUSE-SU-2026:1029-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.01525EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2026/03/27 12:0 a.m.6 views

SUSE: Security Advisory (SUSE-SU-2026:1028-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.01525EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/03/26 12:0 a.m.4 views

SUSE SLES15: python311-salt / salt / salt-api / salt-bash-completion / salt-doc / etc (SUSE-SU-2026:1030-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1030-1 advisory. - Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious...

7.5CVSS7.1AI score0.01525EPSS
Exploits0References16
SUSE Linux
SUSE Linux
added 2026/03/25 10:17 a.m.7 views

Security update for salt

This update for salt fixes the following issues: Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...

8.7CVSS5.8AI score0.01525EPSS
Exploits0References22
SUSE Linux
SUSE Linux
added 2026/03/25 10:16 a.m.5 views

Security update for salt

This update for salt fixes the following issues: Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...

8.7CVSS5.8AI score0.01525EPSS
Exploits0References24
SUSE Linux
SUSE Linux
added 2026/03/25 10:15 a.m.4 views

Security update for salt

This update for salt fixes the following issues: Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...

8.7CVSS5.8AI score0.01525EPSS
Exploits0References24
SUSE Linux
SUSE Linux
added 2026/02/25 9:15 a.m.4 views

Security update for python-tornado

This update for python-tornado fixes the following issues: CVE-2025-67725: inefficient algorithm when parsing parameters for HTTP header values bsc1254905. CVE-2025-67726: Denial of Service DoS via maliciously crafted HTTP request caused by the HTTPHeaders.add method bsc1254904. Patch Instruction...

8.7CVSS5.4AI score0.00396EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/02/11 12:0 a.m.6 views

RHEL 8 : pcs (RHSA-2026:2469)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2469 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: tornado: Tornado...

8.2CVSS5.8AI score0.01535EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/02/02 12:0 a.m.5 views

Alibaba Cloud Linux 3 : 0020: pcs (ALINUX3-SA-2026:0020)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0020 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-67725: Tornado is a Python web...

7.5CVSS5.7AI score0.00396EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2026/02/02 12:0 a.m.5 views

Debian: Security Advisory (DLA-4461-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.8AI score0.00396EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/28 12:0 a.m.5 views

MiracleLinux 8 : pcs-0.10.18-2.el8_10.8.ML.1 (AXSA:2026-089:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-089:01 advisory. tornado: Tornado Quadratic DoS via Repeated Header Coalescing CVE-2025-67725 tornado: Tornado Quadratic DoS via Crafted Multipart Parameters...

7.5CVSS6AI score0.00396EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2026/01/26 12:0 a.m.3 views

SUSE: Security Advisory (SUSE-SU-2026:0222-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.9AI score0.00396EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/23 12:0 a.m.3 views

RockyLinux 8 : pcs (RLSA-2026:0930)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0930 advisory. tornado: Tornado Quadratic DoS via Repeated Header Coalescing CVE-2025-67725 tornado: Tornado Quadratic DoS via Crafted Multipart Parameters CVE-2025-677...

7.5CVSS5.6AI score0.00396EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.8 views

RHEL 8 : pcs (RHSA-2026:0930)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0930 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: tornado: Tornado...

7.5CVSS5.7AI score0.00396EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

SUSE SLES16 Security Update : python-tornado6 (SUSE-SU-2026:20028-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:20028-1 advisory. - CVE-2025-67724: unescaped reason argument used in HTTP headers and in HTML default error pages can be used by attackers to launc...

7.5CVSS7.1AI score0.00396EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.4 views

openSUSE 16 Security Update : python-tornado6 (openSUSE-SU-2026:20015-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20015-1 advisory. - CVE-2025-67724: unescaped reason argument used in HTTP headers and in HTML default error pages can be used by attackers to launch header...

7.5CVSS7.1AI score0.00396EPSS
Exploits0References9
OSV
OSV
added 2026/01/08 6:39 p.m.7 views

USN-7950-1 python-tornado vulnerabilities

It was discovered that Tornado incorrectly handled special characters in HTTP headers. An attacker could possibly use this issue to execute a cross- site scripting XSS attack. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 25.04, and Ubuntu 25.10...

7.5CVSS6.1AI score0.00396EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2026/01/08 6:39 p.m.6 views

USN-7950-1: Tornado vulnerabilities

It was discovered that Tornado incorrectly handled special characters in HTTP headers. An attacker could possibly use this issue to execute a cross- site scripting XSS attack. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 25.04, and Ubuntu 25.10...

7.5CVSS5.8AI score0.00396EPSS
Exploits0
OpenVAS
OpenVAS
added 2026/01/06 12:0 a.m.5 views

SUSE: Security Advisory (SUSE-SU-2026:0010-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.00396EPSS
Exploits0References6
Rows per page
Query Builder