32 matches found
Important: containerd
Issue Overview: An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection's internal state a...
Linux Distros Unpatched Vulnerability : CVE-2026-39829
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could...
CVE-2026-5363
TP-Link Archer C7 v5/v5.8 (uhttpd) is affected by CVE-2026-5363 due to inadequate encryption strength: the admin password is encrypted client-side with RSA-1024 before login, allowing an adjacent attacker to brute-force or factor the 1024-bit key and recover plaintext credentials, leading to unau...
Metasploit Wrap-Up 02/06/2026
Google Summer of Code 2026 Our very own Jack Heysel has added some documentation which outlines the Metasploit Framework project ideas for GSoC 2026. For anyone interested in applying please see GSoC-How-To-Apply documentation, or reach out on slack to any of the following GSoC mentors on Slack v...
CVE-2022-38692
In BootROM, there is a missing size check for RSA keys in Certificate Type 0 validation. This could lead to memory buffer overflow without requiring additional execution privileges...
CVE-2025-7844
Exporting a TPM based RSA key larger than 2048 bits from the TPM could overrun a stack buffer if the default MAXRSAKEYBITS=2048 is used. If your TPM 2.0 module supports RSA key sizes larger than 2048 bit and your applications supports creating or importing an RSA private or public key larger than...
CVE-2025-7844 wolfTPM library wrapper function `wolfTPM2_RsaKey_TpmToWolf` copies external data to a fixed-size stack buffer without length validation potentially causing stack-based buffer overflow
Exporting a TPM based RSA key larger than 2048 bits from the TPM could overrun a stack buffer if the default MAXRSAKEYBITS=2048 is used. If your TPM 2.0 module supports RSA key sizes larger than 2048 bit and your applications supports creating or importing an RSA private or public key larger than...
CVE-2025-7844
CVE-2025-7844 affects wolfTPM (wolfSSL) via wolfTPM2_RsaKey_TpmToWolf: exporting an RSA key >2048 bits from a TPM can overflow a fixed-size stack buffer when MAX_RSA_KEY_BITS is 2048. Root cause: copying external data to a stack buffer without length validation. If MAX_RSA_KEY_BITS matches the...
Denial Of Service (DoS)
libp2p is vulnerable to Denial Of Service DoS. The vulnerability is due to insufficient validation of RSA key sizes, which allows an attacker to send a large RSA key and exhaust system resources...
Medium: ecs-init
Issue Overview: Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to = 8192 bits. Based on a survey of publicly trusted RSA keys, there are...
Amazon Linux 2 : ecs-init (ALASECS-2025-051)
The version of ecs-init installed on the remote host is prior to 1.75.3-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-051 advisory. Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures...
CVE-2022-49563 crypto: qat - add param check for RSA
In the Linux kernel, the following vulnerability has been resolved: crypto: qat - add param check for RSA Reject requests with a source buffer that is bigger than the size of the key. This is to prevent a possible integer underflow that might happen when copying the source scatterlist into a line...
RHEL 8 : container-tools:4.0 (RHSA-2024:0121)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0121 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang:...
Important: ecs-init
Issue Overview: The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value...
Oracle Linux 9 : buildah (ELSA-2023-7764)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7764 advisory. 1.31.3-2.0.1 - Rebuild for CVEs: CVE-2023-39318 CVE-2023-39319 CVE-2023-39321 CVE-2023-39322 CVE-2023-29409 Tenable has extracted the preceding...
RHEL 9 : podman (RHSA-2023:7765)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7765 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use contain...
Important: docker
Issue Overview: http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 Templates did not properly consider backticks as Javascript string delimiters, and as such did not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contained a G...
Important: docker
Issue Overview: http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 Templates did not properly consider backticks as Javascript string delimiters, and as such did not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contained a G...
Important: amazon-ecr-credential-helper
Issue Overview: The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value...
Medium: amazon-cloudwatch-agent
Issue Overview: 2023-10-11: The severity level was changed from Important to Medium. Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to = 8192...