
534 matches found

Tenable Nessus
added 2025/08/20 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2024-45160

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect credential validation in LemonLDAP::NG 2.18.x and 2.19.x before 2.19.2 allows attackers to bypass OAuth2 client authentication via an empty...

CVSS 9.1, AI score 5.8, EPSS 0.00515
Exploits: 0, References: 2

Github Security Blog
added 2025/08/19 3:34 p.m., 11 views

HydrAIDE Authentication Bypass Vulnerability

Summary: There is no authentication of any kind. Details: TLS is implemented, the tunnel between the client and server is secure, however once data is on the server, it's free to be read by any adversaries. On the client side:...

AI score 7.5
Exploits: 0, References: 4, Affected Software: 1

OSV
added 2025/08/19 3:34 p.m., 2 views

GHSA-QP7J-X725-G67F HydrAIDE Authentication Bypass Vulnerability

Summary: There is no authentication of any kind. Details: TLS is implemented, the tunnel between the client and server is secure, however once data is on the server, it's free to be read by any adversaries. On the client side:...

CVSS 10, AI score 7.5
Exploits: 0, References: 4

Tenable Nessus
added 2025/08/19 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2023-40217

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers such as HTTP...

CVSS 5.3, AI score 7, EPSS 0.0079
Exploits: 0, References: 2

Tenable Nessus
added 2025/08/18 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2022-3786

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain...

CVSS 7.5, AI score 8.2, EPSS 0.91153
Exploits: 2, References: 2

Tenable Nessus
added 2025/08/18 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2022-37026

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations...

CVSS 9.8, AI score 8.1, EPSS 0.01167
Exploits: 0, References: 2

Tenable Nessus
added 2025/08/15 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2024-45159

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables optional authentication of the client, if the client-provided...

CVSS 9.8, AI score 5.5, EPSS 0.00387
Exploits: 0, References: 2

OSV
added 2025/08/11 1:52 p.m., 3 views

BIT-LIBPYTHON-2023-40217

An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers such as HTTP servers that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is...

CVSS 5.3, AI score 7, EPSS 0.0079
Exploits: 0, References: 8

Packet Storm News
added 2025/06/21 12:0 a.m., 5 views

EBS-CFL: Efficient and Byzantine-robust Secure Clustered Federated Learning

Despite federated learning (FL)'s potential in collaborative learning, its performance has deteriorated due to the data heterogeneity of distributed users. Recently, clustered federated learning (CFL) has emerged to address this challenge by partitioning users into clusters according to their...

AI score 6.9
Exploits: 0

Tenable Nessus
added 2025/06/16 12:0 a.m., 10 views

TencentOS Server 2: python (TSSA-2023:0275)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0275 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

CVSS 5.3, AI score 7.2, EPSS 0.0079
Exploits: 0, References: 2

Tenable Nessus
added 2025/06/16 12:0 a.m., 9 views

TencentOS Server 2: python3 (TSSA-2023:0270)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0270 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

CVSS 5.3, AI score 7.2, EPSS 0.0079
Exploits: 0, References: 2

Tenable Nessus
added 2025/06/16 12:0 a.m., 9 views

TencentOS Server 3: python3 (TSSA-2023:0260)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0260 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVSS 5.3, AI score 7.2, EPSS 0.0079
Exploits: 0, References: 2

Tenable Nessus
added 2025/06/16 12:0 a.m., 9 views

TencentOS Server 3: python3.11 (TSSA-2023:0241)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0241 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVSS 5.3, AI score 7.2, EPSS 0.0079
Exploits: 0, References: 2

CNNVD
added 2025/06/05 12:0 a.m., 5 views

Devolutions Server Access Control Error Vulnerability

Devolutions Server is an application from Devolutions Canada Inc. which provides a full-featured shared account and password management solution. An Access Control Error vulnerability exists in Devolutions Server version 2025.1.10.0 and prior versions, which stems from improper access control of...

CVSS 5, AI score 6.8, EPSS 0.00268
Exploits: 0, References: 2

Citrix
added 2025/05/30 12:0 a.m., 20 views

NetScaler Gateway-13.1-Launching ICA session got stuck with client authentication enabled

You may get stuck at the ICA session launching process when you enable client authentication in the Gateway virtual server...

AI score 7.3
Exploits: 0

Tenable Nessus
added 2025/05/27 12:0 a.m., 36 views

ABB M2M Gateway TLS Handshake bypass in embedded Python (CVE-2023-40217)

An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers such as HTTP servers that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is...

CVSS 5.3, AI score 7.2, EPSS 0.0079
Exploits: 0, References: 8

OSSF Malicious Packages
added 2025/05/23 1:41 a.m., 10 views

Malicious code in client-authentication-module (npm)

Source: ghsa-malware b0d83929fbddd1bff9fe89b82702a66c79d3e1f6f0fe19baa7379b58472005ad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0, References: 3

OSV
added 2025/05/23 1:41 a.m., 5 views

MAL-2025-4311 Malicious code in client-authentication-module (npm)

Source: ghsa-malware b0d83929fbddd1bff9fe89b82702a66c79d3e1f6f0fe19baa7379b58472005ad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits: 0, References: 3

RedhatCVE
added 2025/05/21 9:49 p.m., 8 views

CVE-2009-5116

McAfee LinuxShield 1.5.1 and earlier does not properly implement client authentication, which allows remote authenticated users to obtain Admin access to the statistics server by leveraging a client account...

CVSS 6.5, AI score 6.6, EPSS 0.01635
Exploits: 0, References: 1

F5 Networks
added 2025/05/16 3:50 p.m., 13 views

K000151390: Erlang/OTP vulnerabilities CVE-2022-37026 and CVE-2025-32433

Security Advisory Description. CVE-2022-37026: In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS. CVE-2025-32433: Erlang/OTP is a set of libraries for the Erlang...

CVSS 10, AI score 8.9, EPSS 0.97673
Exploits: 36