Lucene search
K

4 matches found

OSV
OSV
added 2026/02/27 6:18 a.m.3 views

UBUNTU-CVE-2026-28372

telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login1 implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALSDIRECTORY environment variable, and require...

7.8CVSS7.3AI score0.00373EPSS
Exploits4References7
Cvelist
Cvelist
added 2026/02/27 5:28 a.m.27 views

CVE-2026-28372

telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login1 implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALSDIRECTORY environment variable, and require...

7.4CVSS0.00373EPSS
Exploits4References4
OSV
OSV
added 2025/02/03 8:47 a.m.5 views

SUSE-SU-2025:20010-1 Security update for wget

This update for wget fixes the following issues: - CVE-2024-38428: Fix mishandled semicolons in the userinfo subcomponent of a URI. bsc1226419 - Update to GNU wget 1.24.5: Fix how subdomain matches are checked for HSTS. Wget will now also parse the srcset attribute in HTML tags Support reading...

9.1CVSS7.3AI score0.00672EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2019/03/04 5:35 p.m.4 views

tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins

The defaults settings for the CORS filter provided in Apache Tomcat 9.0.0.M1 to 9.0.8, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, 7.0.41 to 7.0.88 are insecure and enable 'supportsCredentials' for all origins. It is expected that users of the CORS filter will have configured it appropriately for their...

9.8CVSS7.3AI score0.21979EPSS
Exploits0References8
Rows per page
Query Builder