Lucene search
K

280 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-19931

Malicious code in bioql PyPI...

8.8CVSS6.2AI score0.00407EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-48103

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.00582EPSS
Exploits1References4
OSV
OSV
added 2025/09/12 2:26 p.m.4 views

OESA-2025-2294 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

8.8CVSS7.7AI score0.00494EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/09/07 6:11 p.m.19 views

CVE-2025-30198

ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic WPA2-PSK, which can be easily derived...

6.3CVSS7AI score0.00202EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/09/06 12:0 a.m.4 views

Wrangling Entropy: Next-Generation Multi-Factor Key Derivation, Credential Hashing, and Credential Generation Functions

The Multi-Factor Key Derivation Function MFKDF offered a novel solution to the classic problem of usable client-side key management by incorporating multiple popular authentication factors into a key derivation process, but was later shown to be vulnerable to cryptanalysis that degraded its...

7.3AI score
Exploits0
Cvelist
Cvelist
added 2025/09/05 5:43 p.m.10 views

CVE-2025-30200 ECOVACS Vacuum and Base Station Hard-Coded AES Encryption

ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic AES encryption key, which can be easily derived...

6.3CVSS0.00127EPSS
Exploits0References3
OSV
OSV
added 2025/09/05 12:42 p.m.3 views

OESA-2025-2130 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

8.8CVSS6.8AI score0.00407EPSS
Exploits0References4
OSV
OSV
added 2025/09/05 12:42 p.m.3 views

OESA-2025-2128 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

8.8CVSS6.8AI score0.00407EPSS
Exploits0References4
OSV
OSV
added 2025/08/28 1:33 p.m.6 views

GHSA-8FF6-PC43-JWV3 NeuVector has an insecure password storage and is vulnerable to rainbow attack

Impact NeuVector stores user passwords and API keys using a simple, unsalted hash. This method is vulnerable to rainbow table attack offline attack where hashes of known passwords are precomputed. NeuVector generates a cryptographically secure, random 16-character salt and uses it with the PBKDF2...

5.3CVSS5.8AI score0.00162EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-3798

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via CCreateObject, nor when...

5.5CVSS6.1AI score0.00263EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/08/25 11:34 p.m.4 views

SUSE CVE-2025-5372

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success-the function may mistakenl...

7.1CVSS7AI score0.00407EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-5372

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to...

8.8CVSS6.6AI score0.00407EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2025/08/18 8:36 a.m.9 views

Security update for go1.24-openssl

This update for go1.24-openssl fixes the following issues: Updated to go1.24.6 released 2025-08-06 bsc1236217: - CVE-2025-4674: Fixed unexpected command execution in untrusted VCS repositories in cmd/go bsc1246118 - CVE-2025-47906: Fixed incorrect expansion of "", "." and ".." in some PATH...

9.3CVSS7.6AI score0.00489EPSS
Exploits1References16
Tenable Nessus
Tenable Nessus
added 2025/08/16 12:0 a.m.4 views

SUSE SLES15 Security Update : go1.23-openssl (SUSE-SU-2025:02812-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02812-1 advisory. Updated to go1.23.12 released 2025-08-06 bsc1229122: - CVE-2025-4674: Fixed unexpected command execution in untrusted VCS...

8.6CVSS7.2AI score0.00489EPSS
Exploits1References12
SUSE Linux
SUSE Linux
added 2025/08/15 12:52 p.m.12 views

Security update for go1.23-openssl

This update for go1.23-openssl fixes the following issues: Updated to go1.23.12 released 2025-08-06 bsc1229122: - CVE-2025-4674: Fixed unexpected command execution in untrusted VCS repositories in cmd/go bsc1246118 - CVE-2025-47906: Fixed incorrect expansion of "", "." and ".." in some PATH...

9.3CVSS7.5AI score0.00489EPSS
Exploits1References18
SUSE Linux
SUSE Linux
added 2025/08/14 10:19 a.m.3 views

Security update for libssh

This update for libssh fixes the following issues: CVE-2025-5372: sshkdf returns a success code on certain failures bsc1245314 CVE-2025-5987: Invalid return code for chacha20 poly1305 with OpenSSL backend bsc1245317 CVE-2025-4877: Write beyond bounds in binary to base64 conversion functions...

7.6CVSS7.4AI score0.02394EPSS
Exploits0References24
Tenable Nessus
Tenable Nessus
added 2025/07/19 12:0 a.m.6 views

CBL Mariner 2.0 Security Update: libssh (CVE-2025-5372)

The version of libssh installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-5372 advisory. - A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf...

8.8CVSS7.1AI score0.00407EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/07/19 12:0 a.m.8 views

Azure Linux 3.0 Security Update: libssh (CVE-2025-5372)

The version of libssh installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-5372 advisory. - A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf...

8.8CVSS7.1AI score0.00407EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2025/07/17 7:0 a.m.4 views

Libssh: incorrect return code handling in ssh_kdf() in libssh

...

8.8CVSS7AI score0.00407EPSS
Exploits0
SUSE Linux
SUSE Linux
added 2025/07/10 4:5 p.m.4 views

Security update for libssh

This update for libssh fixes the following issues: CVE-2025-4877: Fixed write beyond bounds in binary to base64 conversion functions bsc1245309. CVE-2025-4878: Fixed use of uninitialized variable in privatekeyfromfile bsc1245310. CVE-2025-5318: Fixed likely read beyond bounds in sftp server handl...

7.6CVSS7.4AI score0.02394EPSS
Exploits0References16
Rows per page
Query Builder