Lucene search
K

27026 matches found

Fedora
Fedora
added 2026/03/07 2:31 a.m.8 views

[SECURITY] Fedora 44 Update: nss-3.120.1-1.fc44

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

5.8AI score
Exploits0
Github Security Blog
Github Security Blog
added 2026/03/07 2:31 a.m.9 views

FUXA has a hardcoded fallback JWT signing secret

FUXA used a static fallback JWT signing secret frangoteam751 when no secretCode was configured. If authentication was enabled without explicitly setting a custom secret, an attacker who knew the default value could forge valid JWT tokens and bypass authentication. This issue has been addressed in...

9.8CVSS5.7AI score0.02036EPSS
Exploits0References4Affected Software1
AstraLinux
AstraLinux
added 2026/03/06 9:4 p.m.5 views

Astra Linux - уязвимость в curl

A cookie is set using the secure keyword for https://target 2. curl is redirected to or otherwise made to speak with http://target same hostname, but using clear text HTTP using the same cookie set 3. The same cookie name is set - but with just a slash as path path="/",. Since this site is not...

7.5CVSS6.2AI score0.01301EPSS
Exploits1References2
OSV
OSV
added 2026/03/06 12:41 p.m.5 views

OESA-2026-1492 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

6.3CVSS5.8AI score0.00408EPSS
Exploits0References3
Securelist
Securelist
added 2026/03/06 10:0 a.m.13 views

Exploits and vulnerabilities in Q4 2025

The fourth quarter of 2025 went down as one of the most intense periods on record for high-profile, critical vulnerability disclosures, hitting popular libraries and mainstream applications. Several of these vulnerabilities were picked up by attackers and exploited in the wild almost immediately...

10CVSS7.3AI score0.99982EPSS
Exploits885
GithubExploit
GithubExploit
added 2026/03/06 5:32 a.m.169 views

Exploit for CVE-2026-20079

CVE-2026-20079 — Cisco FMC Authentication Bypass Descripti...

10CVSS6.2AI score0.33898EPSS
Exploits2
Packet Storm News
Packet Storm News
added 2026/03/06 12:0 a.m.2 views

Secure In-Memory Execution with W^X Enforcement Using mprotect

This C program demonstrates how to dynamically control memory allocation with the W^X protection principle...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/06 12:0 a.m.0 views

Alkaid: Resilience to Edit Errors in Provably Secure Steganography Via Distance-Constrained Encoding

While provably secure steganography provides strong concealment by ensuring stego carriers are indistinguishable from natural samples, such systems remain vulnerable to real-world edit errors e.g., insertions, deletions, substitutions because their decoding depends on perfect synchronization and...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.2 views

NewStart CGSL MAIN 6.06 (SP) : grub2 Multiple Vulnerabilities (NS-SA-2026-0016)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has grub2 packages installed that are affected by multiple vulnerabilities: - Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication, obtain sensitive information, or cause a...

8.8CVSS7.4AI score0.05315EPSS
Exploits2References19
RedhatCVE
RedhatCVE
added 2026/03/05 7:31 p.m.5 views

CVE-2026-20102

A vulnerability in the SAML 2.0 single sign-on SSO feature of Cisco Secure Firewall ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the SAML feature and access sensitive,...

6.1CVSS5.8AI score0.00264EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/05 7:31 p.m.4 views

CVE-2026-20007

A vulnerability in the Snort 2 and Snort 3 deep packet inspection of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass configured Snort rules and allow traffic onto the network that should have been dropped. This vulnerability is due to a...

5.8CVSS6AI score0.00247EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/05 7:31 p.m.4 views

CVE-2026-20025

A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To exploit this vulnerability, the attacker must have the OSPF...

6.8CVSS6AI score0.00164EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/05 7:31 p.m.5 views

CVE-2026-20069

A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This...

4.3CVSS5.8AI score0.00273EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/05 7:31 p.m.7 views

CVE-2026-20001

A vulnerability in the REST API of Cisco Secure FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to inadequate validation of user-supplied input. An attacker could exploit this vulnerability by sending...

6.5CVSS6AI score0.00324EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/05 7:31 p.m.4 views

CVE-2026-20005

Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to incomplete parsing of the...

5.8CVSS6AI score0.0049EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/05 7:31 p.m.4 views

CVE-2026-20073

A vulnerability in Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to send traffic that should be denied through an affected device. This vulnerability is due to improper error...

5.8CVSS6AI score0.00381EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/05 7:31 p.m.4 views

CVE-2026-20024

A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To exploit this vulnerability, the attacker must have the OSPF...

6.8CVSS6AI score0.00187EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/05 7:31 p.m.5 views

CVE-2026-20015

A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device that may impact the availability of services to devices elsewhere in the network. This...

5.8CVSS6AI score0.00303EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/05 7:31 p.m.4 views

CVE-2026-20006

A vulnerability in the TLS cryptography functionality of the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to unexpectedly restart, resulting in a denial of service DoS condition...

5.8CVSS6AI score0.00373EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/05 7:31 p.m.6 views

CVE-2026-20017

A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected device. This...

6CVSS6.2AI score0.00172EPSS
Exploits0References1
Rows per page
Query Builder