Lucene search
+L

11 matches found

RedHat Linux
RedHat Linux
added 2026/07/09 7:38 a.m.5 views

golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions

A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the...

9.1CVSS6AI score0.00525EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/07/08 3:52 p.m.14 views

golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions

A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the...

9.1CVSS6AI score0.00525EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/07/07 1:15 p.m.10 views

golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions

A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the...

9.1CVSS6AI score0.00525EPSS
Exploits0References8
OSV
OSV
added 2026/07/07 12:0 a.m.2 views

ALSA-2026:36199 Important: buildah security update

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...

9.1CVSS6.5AI score0.00533EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2026/07/06 5:18 a.m.4 views

golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions

A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the...

9.1CVSS6AI score0.00525EPSS
Exploits0References8
OSV
OSV
added 2026/05/11 2:35 p.m.2 views

CVE-2026-7817 pgAdmin 4: Local file inclusion and server-side request forgery in LLM API configuration endpoints

Local file inclusion LFI and server-side request forgery SSRF vulnerabilities in pgAdmin 4 LLM API configuration endpoints. User-supplied apikeyfile and apiurl preferences were passed to the LLM provider clients without validation. An authenticated user could read arbitrary server-side files by...

7.1CVSS6.1AI score0.00217EPSS
Exploits0References4
NVD
NVD
added 2026/04/09 10:16 p.m.16 views

CVE-2026-35636

OpenClaw versions 2026.3.11 through 2026.3.24 contain a session isolation bypass vulnerability where sessionstatus resolves sessionId to canonical session keys before enforcing visibility checks. Sandboxed child sessions can exploit this to access parent or sibling sessions that should be blocked...

7.1CVSS0.00259EPSS
Exploits0References3
Hacker One
Hacker One
added 2025/07/13 8:12 p.m.240 views

8x8: █.8x8.vc/index.js: Exposed Google Maps API Key Allowing Potential Abuse of Paid Services

The Google Maps API key was inadvertently exposed in client-side code, allowing potential unauthorized access to some Google Maps services. The issue was promptly addressed by implementing appropriate API key restrictions where feasible...

6.8AI score
Exploits0
Veracode
Veracode
added 2024/06/24 6:5 a.m.8 views

Prototype Pollution

@byondreal/accessor is vulnerable to Prototype Pollution. The vulnerability is due to improper key restrictions to prevent object prototype manipulation, which allows an attacker to overwrite the object prototype which can result in remote code execution​ among other attacks...

8.1CVSS7.3AI score0.00563EPSS
Exploits0References1Affected Software1
Huntr
Huntr
added 2021/05/24 3:33 p.m.8 views

Improper Access Control in causefx/organizr

✍️ Description Google Maps API key without proper referer restrictions is found in your repo. It can be embeded to anyone's website and if the billing account is active, it will incur charges on your account. 🕵️‍♂️ Proof of Concept Visit the following link to verify that you can use the service...

0.9AI score
Exploits0
securityvulns
securityvulns
added 2004/01/03 12:0 a.m.58 views

TOCTOU with NT System Service Hooking

TOCTOU Time-Of-Check-to-Time-Of-Use problem is known for a while 1. Nevertheless such bugs are still not uncommon. That is more or less acceptable for general software but not for security products. I believe there are drivers that hook kernel system services by well known technique 2,3,4. Those...

0.1AI score
Exploits0
Rows per page
Query Builder