92 matches found
CVE-2026-11852
Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Files managed by debusine are organized into artifacts. The endpoints that create and delete relationships between artifacts enforced no permissions checks beyond being able to see the artifacts in...
Linux Distros Unpatched Vulnerability : CVE-2026-11852
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Files managed by debusine are organized into artifacts. The...
CVE-2026-11852
Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Files managed by debusine are organized into artifacts. The endpoints that create and delete relationships between artifacts enforced no permissions checks beyond being able to see the artifacts in...
CVE-2026-11852
Debusine CVE-2026-11852 affects a Debian-based distribution tool. The vulnerability arises because endpoints that create or delete relationships between artifacts perform no permission checks beyond artifact visibility, enabling unauthorized relationship management. The CVSS indicates Network acc...
PT-2026-48397
Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Debian source packages .dsc and upload artifacts .changes are manifest files that name the files that make up the artifact. The parser used to read these files in Debusine accepted arbitrary fully...
PT-2026-48396
Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Files managed by debusine are organized into artifacts. The endpoints that create and delete relationships between artifacts enforced no permissions checks beyond being able to see the artifacts in...
Freedombox 安全漏洞
Freedombox is a Debian-based freeware home server operating system. A security vulnerability exists in Freedombox versions prior to 25.17.1 that stems from improperly set permissions on the backup data directory, which could result in database dump files being read...
Dell SmartFabric OS10 Software Code Injection Vulnerability
Dell SmartFabric OS10 Software is a Debian Linux-based operating system from Dell, USA. Dell SmartFabric OS10 Software suffers from a code injection vulnerability that can be exploited by an attacker to cause code execution...
Dell SmartFabric OS10 Software Command Injection Vulnerability
Dell SmartFabric OS10 Software is a Debian Linux-based operating system from Dell, USA. Dell SmartFabric OS10 Software suffers from a command injection vulnerability that can be exploited by an attacker to cause code execution...
Dell SmartFabric OS10 Software 命令注入漏洞
Dell SmartFabric OS10 Software is a Debian Linux-based operating system from Dell, USA. Dell SmartFabric OS10 Software suffers from a command injection vulnerability that originates from improper neutralization of special elements in commands, which can be exploited by an attacker to cause comman...
Dell SmartFabric OS10 Software 命令注入漏洞
Dell SmartFabric OS10 Software is a Debian Linux-based operating system from Dell, USA. Dell SmartFabric OS10 Software suffers from a command injection vulnerability that can be exploited by an attacker to cause code execution...
Jenkins ssh-agent Docker Image < 6.11.2 SSH Host Key Reuse
According to their self-reported version numbers, the jenkins/ssh-agent docker containers running on the remote web server are affected by an SSH host key reuse vulnerability. In jenkins/ssh-agent Docker images 6.11.1 and earlier, SSH host keys are generated on image creation for images based on...
Jenkins ssh-slave Docker Image SSH Host Key Reuse
According to their self-reported version numbers, the jenkins/ssh-slave docker containers running on the remote web server are affected by an SSH host key reuse vulnerability. In jenkins/ssh-slave Docker images, SSH host keys are generated on image creation for images based on Debian, causing all...
CVE-2025-32755
In jenkins/ssh-slave Docker images based on Debian, SSH host keys are generated on image creation for images based on Debian, causing all containers based on images of the same version use the same SSH host keys, allowing attackers able to insert themselves into the network path between the SSH...
CVE-2025-32754
In jenkins/ssh-agent Docker images 6.11.1 and earlier, SSH host keys are generated on image creation for images based on Debian, causing all containers based on images of the same version use the same SSH host keys, allowing attackers able to insert themselves into the network path between the SS...
CVE-2025-30095
VyOS 1.3 through 1.5 fixed in 1.4.2 or any Debian-based system using dropbear in combination with live-build has the same Dropbear private host keys across different installations. Thus, an attacker can conduct active man-in-the-middle attacks against SSH connections if Dropbear is enabled as the...
CVE-2025-30095
VyOS 1.3 through 1.5 fixed in 1.4.2 or any Debian-based system using dropbear in combination with live-build has the same Dropbear private host keys across different installations. Thus, an attacker can conduct active man-in-the-middle attacks against SSH connections if Dropbear is enabled as the...
CVE-2025-30095
CVE-2025-30095 affects VyOS 1.3–1.5 (fixed in 1.4.2) and can also impact any Debian-based system using Dropbear with live-build due to identical Dropbear private host keys across installations. This enables active man-in-the-middle attacks on SSH if Dropbear is used as the SSH daemon; VyOS’s cons...
PT-2025-13781 · Vyos +2 · Vyos +2
Name of the Vulnerable Software and Affected Versions: VyOS versions 1.3 through 1.5 Description: The issue allows an attacker to conduct active man-in-the-middle attacks against SSH connections if Dropbear is enabled as the SSH daemon, due to the same Dropbear private host keys being used across...
CVE-2025-30095
VyOS 1.3 through 1.5 fixed in 1.4.2 or any Debian-based system using dropbear in combination with live-build has the same Dropbear private host keys across different installations. Thus, an attacker can conduct active man-in-the-middle attacks against SSH connections if Dropbear is enabled as the...