812 matches found
CLSA-2026-1778256918 java-17-openjdk: Fix of 8 CVEs
Update to jdk-17.0.19+10 GA - CVE-2026-22007: Enhance crypto algorithm support - CVE-2026-22013: Improve Kerberos credentialing - CVE-2026-22016: Enhance Path Factories Redux - CVE-2026-22018: Enhance Zip file reading - CVE-2026-22021: Enhance certificate chain validation - CVE-2026-23865:...
CVE-2026-43377
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Don't log keys in SMB3 signing and encryption key generation When KSMBDDEBUGAUTH logging is enabled, generatesmb3signingkey and generatesmb3encryptionkey log the session, signing, encryption, and decryption key bytes. Remo...
CVE-2026-43377
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Don't log keys in SMB3 signing and encryption key generation When KSMBDDEBUGAUTH logging is enabled, generatesmb3signingkey and generatesmb3encryptionkey log the session, signing, encryption, and decryption key bytes. Remo...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from ksmbd’s ability to record key bytes during SMB3 signature and encryption key generation, potentially...
RHEL 8 : kernel-rt (RHSA-2026:13578)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13578 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...
MiracleLinux 8 : java-1.8.0-openjdk-1.8.0.492.b09-1.el8 (AXSA:2026-545:07)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-545:07 advisory. JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK: Enhance Path Factories Redux...
openjdk: Enhance key generation (Oracle CPU 2026-04)
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0....
Use of Cache Containing Sensitive Information
Overview Affected versions of this package are vulnerable to Use of Cache Containing Sensitive Information due to the default KeyGenerator process in the cache middleware not including query parameters when generating cache keys. An attacker can access or cause exposure of user-specific or...
VMware Spring Boot 安全特征问题漏洞
VMware Spring Boot is an open-source framework developed by the American company VMware. There are security vulnerabilities in versions 4.0.0 to 4.0.5, 3.5.0 to 3.5.13, 3.4.0 to 3.4.15, 3.3.0 to 3.3.18, and 2.7.0 to 2.7.32 of VMware Spring Boot. These vulnerabilities stem from the use of random...
CVE-2026-28747
A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed...
CVE-2026-28747 Milesight Cameras Authorization Bypass Through User-Controlled Key
A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed...
CVE-2026-28747
CVE-2026-28747 : A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras that allows authorization to be bypassed. Affected product is Milesight AIOT cameras; root cause is weak key generation in firmware. Impact is high on confidentiality, integrity, an...
CVE-2026-28747
A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed...
CVE-2026-28747 Milesight Cameras Authorization Bypass Through User-Controlled Key
A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed...
EUVD-2026-25929
A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed...
[SECURITY] [DSA 6231-1] openjdk-21 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6231-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 27, 2026 https://www.debian.org/security/faq -...
PT-2026-35538
Name of the Vulnerable Software and Affected Versions Milesight AIOT cameras affected versions not specified Description A weak key generation issue allows authorization to be bypassed. Recommendations At the moment, there is no information about a newer version that contains a fix for this...
Debian dsa-6231 : openjdk-21-dbg - security update
The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6231 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6231-1 [email protected] https://www.debian.org/securit...
openjdk: Enhance key generation (Oracle CPU 2026-04)
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0....
openjdk: Enhance key generation (Oracle CPU 2026-04)
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0....