12 matches found
EUVD-2025-30922
Malicious code in bioql PyPI...
EUVD-2025-24614
Malicious code in bioql PyPI...
CVE-2025-59534
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.2, there is a command Injection vulnerability in...
CVE-2025-59534 CryptoLib command Injection vulnerability in initialize_kerberos_keytab_file_login()
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.2, there is a command Injection vulnerability in...
CVE-2025-59534 CryptoLib command Injection vulnerability in initialize_kerberos_keytab_file_login()
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.2, there is a command Injection vulnerability in...
CryptoLib 操作系统命令注入漏洞
CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. An operating system command injection vulnerability exists in CryptoLib versions prior to 1.4.2, which stems from the initializekerberoskeytabfilelogin...
CVE-2025-8904 Privilege escalation issue in Amazon EMR Secret Agent component
Amazon EMR Secret Agent creates a keytab file containing Kerberos credentials. This file is stored in the /tmp/ directory. A user with access to this directory and another account can potentially decrypt the keys and escalate to higher privileges. Users are advised to upgrade to Amazon EMR versio...
PT-2025-33036
Name of the Vulnerable Software and Affected Versions: Amazon EMR versions 6.10 through 7.4 Amazon EMR version 7.5 and higher Description: Amazon EMR Secret Agent creates a keytab file containing Kerberos credentials. This file is stored in the /tmp/ directory. A user with access to this director...
Security update for samba
This update for samba fixes the following issues: CVE-2025-0620: smbd doesn't pick up group membership changes when re-authenticating an expired SMB session bsc1244136. Other bugfixes: net ad join fails with "Failed to join domain: failed to create kerberos keytab" bsc1238063. Patch Instructions:...
SUSE-SU-2025:02230-1 Security update for samba
This update for samba fixes the following issues: - CVE-2025-0620: smbd doesn't pick up group membership changes when re-authenticating an expired SMB session bsc1244136. Other bugfixes: - net ad join fails with 'Failed to join domain: failed to create kerberos keytab' bsc1238063...
ISC BIND Security Vulnerability
ISC BIND is a suite of open source software that implements the DNS protocol from the US company ISC. A security vulnerability exists in ISC BIND that stems from the fact that the server may become vulnerable by explicitly setting a valid value for the tkey-gssapi-keytab or...
postgresql: unanticipated errors from the standard library
It was discovered that PostgreSQL did not properly check the return values of certain standard library functions. If the system was in a state that would cause the standard library functions to fail for example, memory exhaustion, an authenticated user could possibly exploit this flaw to disclose...