97 matches found
CVE-2026-31402
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay cache uses a fixed 112-byte inline buffer rpibufNFSD4REPLAYISIZE to store encoded operation responses. This size was calculated based on OPEN responses and...
UBUNTU-CVE-2026-31402
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay cache uses a fixed 112-byte inline buffer rpibufNFSD4REPLAYISIZE to store encoded operation responses. This size was calculated based on OPEN responses and...
CVE-2026-31402
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay cache uses a fixed 112-byte inline buffer rpibufNFSD4REPLAYISIZE to store encoded operation responses. This size was calculated based on OPEN responses and...
CVE-2026-31402 nfsd: fix heap overflow in NFSv4.0 LOCK replay cache
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay cache uses a fixed 112-byte inline buffer rpibufNFSD4REPLAYISIZE to store encoded operation responses. This size was calculated based on OPEN responses and...
CVE-2026-31402
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay cache uses a fixed 112-byte inline buffer rpibufNFSD4REPLAYISIZE to store encoded operation responses. This size was calculated based on OPEN responses and...
CVE-2026-31402
CVE-2026-31402 affects the Linux kernel NFSv4.0 server (nfsd) via the LOCK replay cache. A large lock owner in a denied LOCK can cause a slab-out-of-bounds write into the 112-byte replay buffer, corrupting adjacent heap memory. The issue can be triggered remotely by two cooperating NFSv4.0 client...
GHSA-HHQ4-97C2-P447 OpenClaw: Zalo webhook replay cache cross-target messageId scope bypass
Summary Zalo webhook replay cache cross-target messageId scope bypass Current Maintainer Triage - Status: narrow - Normalized severity: low - Assessment: v2026.3.28 replay dedupe is still keyed too broadly, but the issue should stay scoped to authenticated sibling-target delivery paths rather tha...
OpenClaw: Zalo webhook replay cache cross-target messageId scope bypass
Summary Zalo webhook replay cache cross-target messageId scope bypass Current Maintainer Triage - Status: narrow - Normalized severity: low - Assessment: v2026.3.28 replay dedupe is still keyed too broadly, but the issue should stay scoped to authenticated sibling-target delivery paths rather tha...
PT-2026-30185
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel’s Network File System daemon nfsd contained a heap overflow in the NFSv4.0 LOCK replay cache. The NFSv4.0 replay cache uses a fixed 112-byte inline buffer to store encod...
CVE-2025-64131
Jenkins SAML Plugin 4.583.vc68232f7018a and earlier does not implement a replay cache, allowing attackers able to obtain information about the SAML authentication flow between a user's web browser and Jenkins to replay those requests, authenticating to Jenkins as that user...
EUVD-2025-36652
Jenkins SAML Plugin does not implement a replay cache...
CVE-2025-64131
Jenkins SAML Plugin 4.583.vc68232f7018a and earlier does not implement a replay cache, allowing attackers able to obtain information about the SAML authentication flow between a user's web browser and Jenkins to replay those requests, authenticating to Jenkins as that user...
CVE-2025-64131
CVE-2025-64131 concerns the Jenkins SAML Plugin (versions up to 4.583.vc68232f7018a_ and earlier) not implementing a replay cache for SAML authentication flow. The absence of a replay cache allows an attacker who can observe the SAML exchange to replay requests and authenticate as the target user...
CVE-2025-64131
Jenkins SAML Plugin 4.583.vc68232f7018a and earlier does not implement a replay cache, allowing attackers able to obtain information about the SAML authentication flow between a user's web browser and Jenkins to replay those requests, authenticating to Jenkins as that user...
Jenkins SAML Plugin 安全漏洞
Jenkins SAML Plugin is an open source single sign-on plugin for Jenkins. A security vulnerability exists in Jenkins SAML Plugin 4.583.vc68232f7018a and prior versions, which stems from an unimplemented replay cache, which could allow an attacker to authenticate by replaying SAML authentication...
PT-2025-44280
Name of the Vulnerable Software and Affected Versions Jenkins SAML Plugin versions 4.583.vc68232f7018a and earlier Description The Jenkins SAML Plugin does not implement a replay cache. This allows attackers who can gather information about the SAML authentication process between a user’s web...
EUVD-2017-17762
Malware in sbrugna...
EUVD-2025-27518
Malicious code in bioql PyPI...
CVE-2025-9943
An SQL injection vulnerability has been identified in the "ID" attribute of the SAML response when the replay cache of the Shibboleth Service Provider SP is configured to use an SQL database as storage service. An unauthenticated attacker can exploit this issue via blind SQL injection, allowing f...
CVE-2025-9943
An SQL injection vulnerability has been identified in the "ID" attribute of the SAML response when the replay cache of the Shibboleth Service Provider SP is configured to use an SQL database as storage service. An unauthenticated attacker can exploit this issue via blind SQL injection, allowing f...