Lucene search
K

22 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-53073

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: hcildisc: Clear HCIUARTPROTOINIT on error When hciregisterdev fails in hciuartregisterdev HCIUARTPROTOINIT is not cleared before calling...

6AI score0.00172EPSS
Exploits0References3
Hacker One
Hacker One
added 2026/05/30 7:56 a.m.19 views

curl: SMTP connection reuse ignores --ssl-reqd / CURLOPT_USE_SSL and reuses a clear-text STARTTLS session on current master

Summary: Current master reintroduces a STARTTLS connection-reuse bug in SMTP. After commit 91dcf4e610 url: urlmatchdestination fix, curl/libcurl can reuse an already-established clear-text smtp:// session for a later logical request that explicitly requires TLS via --ssl-reqd or CURLOPTUSESSL =...

5.8AI score
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/05 1:45 a.m.10 views

SUSE CVE-2026-43859

mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for the IMAP authcram MD5 digest...

4.8CVSS5.8AI score0.00162EPSS
Exploits0References5
SUSE Linux
SUSE Linux
added 2026/03/01 10:33 a.m.4 views

Security update for the Linux Kernel (Live Patch 26 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.103 fixes various security issues The following security issues were fixed: CVE-2022-50700: wifi: ath10k: Delay the unmapping of the buffer bsc1255577. CVE-2023-54142: gtp: Fix use-after-free in gtpencapdestroy bsc1256097...

8.5CVSS7AI score0.00195EPSS
Exploits0References12
OSV
OSV
added 2026/02/05 8:15 p.m.5 views

CVE-2025-12131

A truncated 802.15.4 packet can lead to an assert, resulting in a denial of service...

6.5CVSS5.8AI score0.0022EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

MiracleLinux 4 : curl-7.19.7-46.AXS4 (AXSA:2015-432:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-432:02 advisory. cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS, DICT, TELNET and TFTP servers, using any of the supported protocols. cURL is...

5CVSS7.5AI score0.17942EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.1 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002300)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002300 advisory. The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended...

5CVSS7.9AI score0.04144EPSS
Exploits2References18
Tenable Nessus
Tenable Nessus
added 2025/10/14 12:0 a.m.3 views

AlmaLinux 8 : kernel (ALSA-2025:17797)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:17797 advisory. kernel: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 CVE-2022-50228 kernel: Bluetooth: L2CAP: Fix use-after-free CVE-2023-53305 Tenab...

7.8CVSS7.4AI score0.00219EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-39301

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/9p: fix uninit-value in p9clientrpc Syzbot with the help of KMSAN reported the following error: BUG: KMSAN: uninit-value in trace9pclientres...

5.5CVSS6.7AI score0.00228EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/07 12:2 a.m.3 views

CVE-2025-54885 Thinbus generates insufficient entropy: 252 bits vs minimum 256 bits

Thinbus Javascript Secure Remote Password is a browser SRP6a implementation for zero-knowledge password authentication. In versions 2.0.0 and below, a protocol compliance bug causes the client to generate a fixed 252 bits of entropy instead of the intended bit length of the safe prime defaulted t...

9.1CVSS6.5AI score0.00449EPSS
Exploits0References3
OSV
OSV
added 2024/07/02 10:15 p.m.7 views

AZL-78960 CVE-2024-24791 affecting package golang 1.25.7-1

The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail...

7.5CVSS6.7AI score0.01414EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/03/25 10:15 a.m.5 views

CVE-2021-47162

In the Linux kernel, the following vulnerability has been resolved: tipc: skblinearize the head skb when reassembling msgs It's not a good idea to append the frag skb to a skb's fraglist if the fraglist already has skbs from elsewhere, such as this skb was created by pskbcopy where the fraglist w...

5.5CVSS6.2AI score0.00232EPSS
Exploits0References9Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/24 12:0 a.m.6 views

The vulnerability of the VPN package based on the IPSec protocol strongSwan is caused by a mistake in the charon-tkm process, allowing a hacker to execute arbitrary code.

The vulnerability of the VPN package based on the IPSec protocol and strongSwan is caused by a mistake in the charon-tkm process, where the Key Exchange Protocol IKE is implemented using the TKMv2 Trusted Key Manager. Exploiting this vulnerability allows an attacker operating remotely to execute...

7CVSS8.1AI score0.0229EPSS
Exploits0References11Affected Software11
RedHat Linux
RedHat Linux
added 2023/05/16 8:56 a.m.3 views

kernel: Linux kernel (TIPC): Information disclosure via uninitialized memory in tipc_topsrv_kern_subscr

A flaw was found in the Linux kernel's Transparent Inter-Process Communication TIPC protocol. This vulnerability allows a local user to disclose sensitive information due to four uninitialized bytes in the sub.usrhandle field within the tipctopsrvkernsubscr function. When a user issues a setsocko...

5.5CVSS5.7AI score0.00147EPSS
Exploits0References5
OSV
OSV
added 2021/06/08 1:15 p.m.3 views

UBUNTU-CVE-2021-22212

ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkeygen to generate keys with '' characters. ntpd then either pads, shortens the key, or fails to load these keys entirely, depending on the key type and the placement of the ''. This results in the administrator not bein...

7.4CVSS5.8AI score0.00522EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/06/08 12:0 a.m.5 views

NTPsec 加密问题漏洞

NTPsec is a more secure NTP. A security vulnerability exists in NTPsec 1.2.0 that allows ntpkeygen to generate keys...

7.4CVSS7.5AI score0.00522EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/05/28 3:58 p.m.3 views

thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol

In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data...

7.5CVSS7.3AI score0.06793EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2017/07/14 12:0 a.m.55 views

CentOS Update for httpd CESA-2017:1721 centos6

Check the version of httpd SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882751";...

7.5CVSS6.2AI score0.13252EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/07/24 12:0 a.m.4 views

The vulnerability of Cisco Nexus 1000V microprogramming software allows a remote attacker to gain unauthorized access to the device.

The function for receiving messages in the ntpproto.c file continues to operate even after an error message is displayed. This allows a remote attacker to gain unauthorized access to the device using specially crafted packets...

5CVSS6.5AI score0.16161EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2015/06/05 12:0 a.m.6 views

The vulnerability of the microprogramming software of Cisco Nexus 5000 allows a remote attacker to gain unauthorized access to the device.

The function for receiving messages in the ntpproto.c file continues to operate even after an error message is displayed. This allows a remote attacker to gain unauthorized access to the device using specially crafted packets...

5CVSS6.5AI score0.16161EPSS
Exploits1References3
Rows per page
Query Builder