Lucene search
K

265 matches found

Snyk
Snyk
added 2026/05/21 9:49 p.m.15 views

Insecure Randomness

Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.3CVSS5.8AI score0.00229EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/21 9:49 p.m.19 views

Insecure Randomness

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.3CVSS5.8AI score0.00229EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/21 9:49 p.m.14 views

Insecure Randomness

Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.3CVSS5.8AI score0.00229EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/21 9:49 p.m.13 views

Insecure Randomness

Overview Magick.NET-Q16-HDRI-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.3CVSS5.8AI score0.00229EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/21 9:49 p.m.12 views

Insecure Randomness

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.3CVSS5.8AI score0.00229EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/21 9:49 p.m.15 views

Insecure Randomness

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.3CVSS5.8AI score0.00229EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/21 9:49 p.m.12 views

Insecure Randomness

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.3CVSS5.8AI score0.00229EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/21 9:49 p.m.15 views

Insecure Randomness

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

6.3CVSS5.8AI score0.00229EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/21 9:49 p.m.12 views

Insecure Randomness

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

6.3CVSS5.8AI score0.00229EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/21 9:49 p.m.14 views

Insecure Randomness

Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

6.3CVSS5.8AI score0.00229EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux, BlueZ

In the Bluetooth Core Specification 2.1 through 5.2, Bluetooth LE and BR/EDR secure pairing mechanisms may allow a nearby man-in-the-middle attacker to identify the Passkey used during pairing in the Passkey authentication procedure by reflecting the public key and the authentication evidence of...

4.3CVSS6.9AI score0.00872EPSS
Exploits0References2
Microsoft Secure
Microsoft Secure
added 2026/05/07 4:0 p.m.11 views

World Passkey Day: Advancing passwordless authentication

World Passkey Day is a chance to reflect on progress toward a shared goal: reducing our reliance on passwords and other phishable authentication methods by accelerating passkey adoption. As cyberattacks become more automated and AI-powered, each account is only as secure as its weakest credential...

5.9AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/05/07 4:0 p.m.11 views

World Passkey Day: Advancing passwordless authentication

World Passkey Day is a chance to reflect on progress toward a shared goal: reducing our reliance on passwords and other phishable authentication methods by accelerating passkey adoption. As cyberattacks become more automated and AI-powered, each account is only as secure as its weakest credential...

5.9AI score
Exploits0
OSV
OSV
added 2026/05/06 11:34 p.m.8 views

GHSA-GPXG-FX2G-QXJ2 Kanidm: Stored HTML injection in "passkey-enrolment" partial via displayname → htmx-driven authenticated request forgery

Summary The kanidmd web UI renders the WebAuthn passkey-registration challenge as raw JSON inside an inline element using the Askama |safe filter. The challenge embeds the account's displayname, which serdejson serialises without escaping . A displayname containing therefore terminates the script...

6.1CVSS5.9AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/06 11:34 p.m.24 views

Kanidm: Stored HTML injection in "passkey-enrolment" partial via displayname → htmx-driven authenticated request forgery

Summary The kanidmd web UI renders the WebAuthn passkey-registration challenge as raw JSON inside an inline element using the Askama |safe filter. The challenge embeds the account's displayname, which serdejson serialises without escaping . A displayname containing therefore terminates the script...

5.9AI score
Exploits0References2Affected Software1
OSV
OSV
added 2026/05/03 9:57 a.m.18 views

OESA-2026-2171 sssd security update

Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable back end system to connect to multiple different account sources. It is also the basis to provide client auditing and policy...

5.5CVSS5.8AI score0.00141EPSS
Exploits0References2
OSV
OSV
added 2026/05/03 9:56 a.m.18 views

OESA-2026-2170 sssd security update

Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable back end system to connect to multiple different account sources. It is also the basis to provide client auditing and policy...

5.5CVSS5.8AI score0.00141EPSS
Exploits0References2
OSV
OSV
added 2026/05/03 9:56 a.m.8 views

OESA-2026-2169 sssd security update

Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable back end system to connect to multiple different account sources. It is also the basis to provide client auditing and policy...

5.5CVSS5.8AI score0.00141EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/04/17 12:4 p.m.5 views

SUSE CVE-2026-6245

A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...

5.5CVSS5.7AI score0.00141EPSS
Exploits0References3
NVD
NVD
added 2026/04/15 7:16 p.m.58 views

CVE-2026-6245

A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...

5.5CVSS0.00141EPSS
Exploits0References2
Rows per page
Query Builder