Lucene search
K

812 matches found

OSV
OSV
added 2026/05/08 10:50 p.m.18 views

CLSA-2026-1778256918 java-17-openjdk: Fix of 8 CVEs

Update to jdk-17.0.19+10 GA - CVE-2026-22007: Enhance crypto algorithm support - CVE-2026-22013: Improve Kerberos credentialing - CVE-2026-22016: Enhance Path Factories Redux - CVE-2026-22018: Enhance Zip file reading - CVE-2026-22021: Enhance certificate chain validation - CVE-2026-23865:...

7.5CVSS5.8AI score0.00702EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/05/08 3:16 p.m.11 views

CVE-2026-43377

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Don't log keys in SMB3 signing and encryption key generation When KSMBDDEBUGAUTH logging is enabled, generatesmb3signingkey and generatesmb3encryptionkey log the session, signing, encryption, and decryption key bytes. Remo...

8.1CVSS5.8AI score0.00248EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/05/08 2:21 p.m.10 views

CVE-2026-43377

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Don't log keys in SMB3 signing and encryption key generation When KSMBDDEBUGAUTH logging is enabled, generatesmb3signingkey and generatesmb3encryptionkey log the session, signing, encryption, and decryption key bytes. Remo...

8.1CVSS5.7AI score0.00248EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from ksmbd’s ability to record key bytes during SMB3 signature and encryption key generation, potentially...

8.1CVSS5.8AI score0.00248EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.14 views

RHEL 8 : kernel-rt (RHSA-2026:13578)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13578 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...

9.8CVSS6.8AI score0.96267EPSS
Exploits228References14
Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.7 views

MiracleLinux 8 : java-1.8.0-openjdk-1.8.0.492.b09-1.el8 (AXSA:2026-545:07)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-545:07 advisory. JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK: Enhance Path Factories Redux...

7.5CVSS7.3AI score0.00702EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/30 8:38 p.m.8 views

openjdk: Enhance key generation (Oracle CPU 2026-04)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0....

2.9CVSS7.4AI score0.00122EPSS
Exploits0References5
Snyk
Snyk
added 2026/04/28 10:28 p.m.7 views

Use of Cache Containing Sensitive Information

Overview Affected versions of this package are vulnerable to Use of Cache Containing Sensitive Information due to the default KeyGenerator process in the cache middleware not including query parameters when generating cache keys. An attacker can access or cause exposure of user-specific or...

6.9CVSS5.8AI score0.00251EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.11 views

VMware Spring Boot 安全特征问题漏洞

VMware Spring Boot is an open-source framework developed by the American company VMware. There are security vulnerabilities in versions 4.0.0 to 4.0.5, 3.5.0 to 3.5.13, 3.4.0 to 3.4.15, 3.3.0 to 3.3.18, and 2.7.0 to 2.7.32 of VMware Spring Boot. These vulnerabilities stem from the use of random...

7.5CVSS5.8AI score0.00312EPSS
Exploits0References1
NVD
NVD
added 2026/04/27 11:16 p.m.10 views

CVE-2026-28747

A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed...

7.3CVSS0.00177EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/27 10:44 p.m.28 views

CVE-2026-28747 Milesight Cameras Authorization Bypass Through User-Controlled Key

A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed...

7.3CVSS0.00177EPSS
Exploits0References3
CVE
CVE
added 2026/04/27 10:44 p.m.12 views

CVE-2026-28747

CVE-2026-28747 : A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras that allows authorization to be bypassed. Affected product is Milesight AIOT cameras; root cause is weak key generation in firmware. Impact is high on confidentiality, integrity, an...

7.3CVSS5.2AI score0.00177EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/27 10:44 p.m.5 views

CVE-2026-28747

A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed...

7.3CVSS5.2AI score0.00177EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/27 10:44 p.m.6 views

CVE-2026-28747 Milesight Cameras Authorization Bypass Through User-Controlled Key

A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed...

7.3CVSS5.2AI score0.00177EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/27 10:44 p.m.8 views

EUVD-2026-25929

A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed...

7.3CVSS5.2AI score0.00177EPSS
Exploits0References3
Debian
Debian
added 2026/04/27 8:20 p.m.16 views

[SECURITY] [DSA 6231-1] openjdk-21 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6231-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 27, 2026 https://www.debian.org/security/faq -...

7.5CVSS7.8AI score0.00702EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.7 views

PT-2026-35538

Name of the Vulnerable Software and Affected Versions Milesight AIOT cameras affected versions not specified Description A weak key generation issue allows authorization to be bypassed. Recommendations At the moment, there is no information about a newer version that contains a fix for this...

7.3CVSS5.4AI score0.00177EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.14 views

Debian dsa-6231 : openjdk-21-dbg - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6231 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6231-1 [email protected] https://www.debian.org/securit...

7.5CVSS7.9AI score0.00702EPSS
Exploits0References16
RedHat Linux
RedHat Linux
added 2026/04/24 11:24 a.m.13 views

openjdk: Enhance key generation (Oracle CPU 2026-04)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0....

2.9CVSS7.4AI score0.00122EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/24 11:22 a.m.9 views

openjdk: Enhance key generation (Oracle CPU 2026-04)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0....

2.9CVSS7.4AI score0.00122EPSS
Exploits0References5
Rows per page
Query Builder