Lucene search
K

8 matches found

OSV
OSV
added 2026/02/18 2:53 p.m.6 views

CVE-2026-23220 ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix infinite loop caused by nextsmb2rcvhdroff reset in error paths The problem occurs when a signed request fails smb2 signature verification check. In processrequest, if checksignreq returns an error, setsmb2rspstatuswork...

5.5CVSS5.3AI score0.00118EPSS
Exploits0References9
OSV
OSV
added 2025/09/17 5:50 p.m.3 views

CVE-2025-59339 The Bastion ttyrec files are not signed after encryption by the osh-encrypt-rsync script

The Bastion provides authentication, authorization, traceability and auditability for SSH accesses. Session-recording ttyrec files, may be handled by the provided osh-encrypt-rsync script that is a helper to rotate, encrypt, sign, copy, and optionally move them to a remote storage periodically, i...

4.4CVSS6.9AI score0.00094EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/07/22 12:0 a.m.2 views

libssh 资源管理错误漏洞

libssh is a C development package from the libssh organization for accessing SSH services that can execute remote commands, file transfers, and also provide a secure transport channel for remote programs. A resource management error vulnerability exists in libssh that stems from the presence of...

3.6CVSS7.5AI score0.00181EPSS
Exploits0References3
OSV
OSV
added 2024/08/15 11:55 a.m.11 views

USN-6962-1 libreoffice vulnerability

It was discovered that LibreOffice incorrectly allowed users to enable macros when a cryptographic signature failed to validate. If a user were tricked into opening a specially crafted document, a remote attacker could possibly execute arbitrary macros...

7.8CVSS6AI score0.00238EPSS
Exploits0References2
Prion
Prion
added 2022/08/10 5:15 p.m.26 views

Design/Logic Flaw

A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This vulnerability is due to a logic error when the RSA key...

5CVSS7.4AI score0.16647EPSS
Exploits0References1Affected Software2
CNVD
CNVD
added 2017/11/09 12:0 a.m.4 views

jwt-scala Cannot Verify Token Signature Vulnerability

jwt-scala is a Scala library for processing JSON Web Token JWT. A security vulnerability exists in jwt-scala 1.2.2 and earlier versions, which stems from the program failing to properly verify token signatures. A remote attacker can exploit the vulnerability to forge a signed token with specially...

5.3CVSS6.9AI score0.00583EPSS
Exploits0References1
Cvelist
Cvelist
added 2016/04/12 11:0 p.m.21 views

CVE-2016-0887

EMC RSA BSAFE Micro Edition Suite MES 4.0.x and 4.1.x before 4.1.5, RSA BSAFE Crypto-C Micro Edition CCME 4.0.x and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6.2.1, RSA BSAFE SSL-J before 6.2.1, and RSA BSAFE SSL-C before 2.8.9 allow remote attackers to discover a private-key prime by...

5.8AI score0.03539EPSS
Exploits0References6
Cvelist
Cvelist
added 2004/04/16 4:0 a.m.38 views

CVE-2004-0155

The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, validates the X.509 certificate but does not verify the RSA signature authentication, which allows remote attackers to establish unauthorized IP connections or conduct man-in-the-middle attacks using a valid, trusted X.509...

7.2AI score0.03625EPSS
Exploits0References12
Rows per page
Query Builder