15662 matches found
EUVD-2026-38722
In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix tpmeter counter underflow during shutdown batadvtpsendershutdown unconditionally decrements the "sending" atomic counter. If multiple paths e.g. timeout, user cancel, and normal finish call this function, the...
Microsoft OWA Exchange Server 2003 - 'redir.asp' Open Redirection
Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outlook Web Access OWA for Exchange Server 2003 SP2 aka build 6.5.7638 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the URL parameter. id: CVE-2008-1547 info: name:...
Microsoft Exchange - Pre-Auth SSRF / ACL Bypass (ProxyNotFound)
Microsoft Exchange Server contains a remote code execution caused by improper input validation in the server component, letting remote attackers execute arbitrary code, exploit requires network access to the server. id: CVE-2021-28481 info: name: Microsoft Exchange - Pre-Auth SSRF / ACL Bypass...
Microsoft Exchange - Pre-Auth SSRF / ACL Bypass (ProxyNotFound)
Microsoft Exchange Server contains a remote code execution caused by improper input validation in the server component, letting remote attackers execute arbitrary code, exploit requires network access to the server. id: CVE-2021-28480 info: name: Microsoft Exchange - Pre-Auth SSRF / ACL Bypass...
Microsoft Exchange Server - Cross-Site Scripting
Microsoft Exchange Server, or OWA, is vulnerable to a cross-site scripting vulnerability in refurl parameter of frowny.asp. id: CVE-2021-31195 info: name: Microsoft Exchange Server - Cross-Site Scripting author: infosecsanyam severity: medium description: Microsoft Exchange Server, or OWA, is...
CVE-2026-47386
NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, two concurrent token-exchange requests using the same OAuth authorization code could each mint a distinct valid accesstoken, refreshtoken pair, breaking the single-use guarantee that PKCE relies on. This vulnerability ...
CVE-2026-44274
creationtimestamp| type| source ---|---|--- 2026-06-23 16:26:35+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116800356044077803...
CVE-2026-10521
creationtimestamp| type| source ---|---|--- 2026-06-23 07:36:29+00:00| seen| https://infosec.exchange/users/certvde/statuses/116798271507262478 2026-06-23 07:45:43+00:00| seen| https://infosec.exchange/users/certvde/statuses/116798307883543003 2026-06-23 11:20:33+00:00| seen|...
CVE-2026-12866
creationtimestamp| type| source ---|---|--- 2026-06-23 06:00:34+00:00| seen| https://infosec.exchange/users/offseq/statuses/116797893970275740 2026-06-23 06:00:56+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mowpwxfz6z2b 2026-06-23 07:57:27+00:00| seen|...
Microsoft Exchange Server Pre-Auth POST Based Cross-Site Scripting
Microsoft Exchange Server is vulnerable to a spoofing vulnerability. Be aware this CVE ID is unique from CVE-2021-42305. id: CVE-2021-41349 info: name: Microsoft Exchange Server Pre-Auth POST Based Cross-Site Scripting author: rootxharsh,iamnoooob severity: medium description: Microsoft Exchange...
CVE-2026-55653
A flaw was found in OpenSSH. A malicious SSH server can exploit a double free vulnerability in the Diffie-Hellman Group Exchange DH-GEX client path. This occurs during FIPS Federal Information Processing Standards mode known-group validation when the client processes attacker-controlled DH-GEX...
UBUNTU-CVE-2026-55653
A flaw was found in OpenSSH. A malicious SSH server can exploit a double free vulnerability in the Diffie-Hellman Group Exchange DH-GEX client path. This occurs during FIPS Federal Information Processing Standards mode known-group validation when the client processes attacker-controlled DH-GEX...
CVE-2026-55653
CVE-2026-55653 affects OpenSSH and describes a double-free in the DH-GEX client path during FIPS known-group validation, allowing a malicious SSH server to terminate the client process and cause a Denial of Service. The issue is tied to processing attacker-controlled DH-GEX group parameters and i...
EUVD-2026-38412
A flaw was found in OpenSSH. A malicious SSH server can exploit a double free vulnerability in the Diffie-Hellman Group Exchange DH-GEX client path. This occurs during FIPS Federal Information Processing Standards mode known-group validation when the client processes attacker-controlled DH-GEX...
CVE-2026-55653
A flaw was found in OpenSSH. A malicious SSH server can exploit a double free vulnerability in the Diffie-Hellman Group Exchange DH-GEX client path. This occurs during FIPS Federal Information Processing Standards mode known-group validation when the client processes attacker-controlled DH-GEX...
Linux Distros Unpatched Vulnerability : CVE-2026-55653
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in OpenSSH. A malicious SSH server can exploit a double free vulnerability in the Diffie- Hellman Group Exchange DH-GEX client path. This occur...
openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group
A key group selection preference flaw has been discovered in OpenSSL. An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the "DEFAULT" keyword. A less preferred key exchange may be used...
CVE-2026-12782
creationtimestamp| type| source ---|---|--- 2026-06-21 10:32:43+00:00| seen| https://infosec.exchange/users/offseq/statuses/116787630904398394 2026-06-22 01:39:40+00:00| seen| https://www.acn.gov.it/portale/w/easeus-poc-pubblici-per-il-prodotto-partition-master...
CVE-2026-12784
creationtimestamp| type| source ---|---|--- 2026-06-21 07:30:27+00:00| seen| https://infosec.exchange/users/offseq/statuses/116786923158989964 2026-06-21 07:30:28+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mortzyyqfs2t 2026-06-21 08:07:01+00:00| seen|...
CVE-2026-12806
creationtimestamp| type| source ---|---|--- 2026-06-21 04:33:12+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116786226230335381 2026-06-21 21:49:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mote2cizsf2v 2026-06-22 00:00:41+00:00| seen|...