
3549 matches found

Cvelist
added 2025/09/17 5:50 p.m., 7 views

CVE-2025-59339 The Bastion ttyrec files are not signed after encryption by the osh-encrypt-rsync script

The Bastion provides authentication, authorization, traceability and auditability for SSH accesses. Session-recording ttyrec files may be handled by the provided osh-encrypt-rsync script that is a helper to rotate, encrypt, sign, copy, and optionally move them to a remote storage periodically, i...

CVSS 4.4, EPSS 0.00094
Exploits: 0, References: 2

Vulnrichment
added 2025/09/17 5:50 p.m., 3 views

CVE-2025-59339 The Bastion ttyrec files are not signed after encryption by the osh-encrypt-rsync script

The Bastion provides authentication, authorization, traceability and auditability for SSH accesses. Session-recording ttyrec files may be handled by the provided osh-encrypt-rsync script that is a helper to rotate, encrypt, sign, copy, and optionally move them to a remote storage periodically, i...

CVSS 4.4, AI score 6.5, EPSS 0.00094
Exploits: 0, References: 2

Positive Technologies
added 2025/09/17 12:00 a.m., 4 views

PT-2025-38246

Name of the Vulnerable Software and Affected Versions: The Bastion affected versions not specified Description: The Bastion provides authentication, authorization, traceability, and auditability for SSH accesses. Session-recording ttyrec files are handled by the provided osh-encrypt-rsync script,...

CVSS 4.4, AI score 6.3, EPSS 0.00094
Exploits: 0, References: 5

CNNVD
added 2025/09/17 12:00 a.m., 3 views

The Bastion security vulnerability

The Bastion is an open source authentication system from OVHcloud. A security vulnerability exists in The Bastion that stems from a script that fails to properly sign a file, potentially leading to data integrity issues...

CVSS 4.4, AI score 6.9, EPSS 0.00094
Exploits: 0, References: 2

OSV
added 2025/09/15 11:15 p.m., 5 views

CVE-2025-43331

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access protected user data...

CVSS 4, AI score 5.8
Exploits: 0, References: 2

NVD
added 2025/09/15 11:15 p.m., 6 views

CVE-2025-43331

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access protected user data...

CVSS 4, EPSS 0.00177
Exploits: 0, References: 2

Cvelist
added 2025/09/15 10:34 p.m., 5 views

CVE-2025-43331

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access protected user data...

EPSS 0.00177
Exploits: 0, References: 1

Vulnrichment
added 2025/09/15 10:34 p.m., 1 view

CVE-2025-43331

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access protected user data...

AI score 5.8, EPSS 0.00177
Exploits: 0, References: 1

CVE
added 2025/09/15 10:34 p.m., 20 views

CVE-2025-43331

CVE-2025-43331 describes a downgrade issue caused by insufficiently restricted code signing in macOS Tahoe 26. The vulnerability could allow an app to access protected user data when running on affected macOS Tahoe 26 systems. The CVE entry states the flaw is fixed in macOS Tahoe 26; no exploitat...

CVSS 4, AI score 5.8, EPSS 0.00177
Exploits: 0, References: 2, Affected Software: 1

Tenable Nessus
added 2025/09/15 12:00 a.m., 3 views

Oracle Linux 10 : kernel (ELSA-2025-15662)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-15662 advisory. 6.12.0-55.32.1.0.1 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 -...

CVSS 7.4, AI score 7.6, EPSS 0.0187
Exploits: 8, References: 2

Oracle Linux
added 2025/09/15 12:00 a.m., 9 views

kernel security update

4.18.0-553.75.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

AI score 6.7, EPSS 0.0018
Exploits: 0

Oracle Linux
added 2025/09/15 12:00 a.m., 4 views

kernel security update

5.14.0-570.44.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...

AI score 6.3, EPSS 0.0187
Exploits: 8

Positive Technologies
added 2025/09/15 12:00 a.m., 5 views

PT-2025-37832

Name of the Vulnerable Software and Affected Versions: macOS versions prior to Tahoe 26 Description: A flaw allows an application to potentially access protected user data due to a downgrade issue. This issue was addressed with additional code-signing restrictions. Recommendations: Update to macO...

CVSS 4, AI score 5.9, EPSS 0.00177
Exploits: 0, References: 4

RedhatCVE
added 2025/09/13 7:25 a.m., 9 views

CVE-2025-9633

The LH Signing plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.83. This is due to missing or incorrect nonce validation on the plugin_options function. This makes it possible for unauthenticated attackers to modify plugin settings via a forg...

CVSS 4.3, AI score 5.2, EPSS 0.00156
Exploits: 0, References: 1

Oracle Linux
added 2025/09/12 12:00 a.m., 15 views

kernel security update

5.14.0-570.42.2.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...

CVSS 7.8, AI score 6.9, EPSS 0.0187
Exploits: 8

Patchstack
added 2025/09/11 10:29 p.m., 3 views

WordPress LH Signing plugin <= 2.83 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Nabil Irawan in WordPress Plugin LH Signing versions <= 2.83...

CVSS 4.3, AI score 6.7, EPSS 0.00156
Exploits: 0, References: 1, Affected Software: 1

RedhatCVE
added 2025/09/11 5:29 p.m., 2 views

CVE-2025-55234

SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make the users subject to elevation of privilege attacks. The SMB Server already supports mechanisms for hardening against...

CVSS 9.8, AI score 7.2, EPSS 0.18834
Exploits: 1, References: 1

NVD
added 2025/09/11 8:15 a.m., 21 views

CVE-2025-9633

The LH Signing plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.83. This is due to missing or incorrect nonce validation on the plugin_options function. This makes it possible for unauthenticated attackers to modify plugin settings via a forg...

CVSS 4.3, EPSS 0.00156
Exploits: 0, References: 4

CVE
added 2025/09/11 7:25 a.m., 13 views

CVE-2025-9633

CVE-2025-9633: LH Signing WordPress plugin vulnerabilities exist in all versions up to 2.83 due to missing or incorrect nonce validation in the plugin_options function, enabling CSRF. This allows unauthenticated attackers to modify plugin settings by inducing an admin action (e.g., clicking a for...

CVSS 4.3, AI score 4.9, EPSS 0.00156
Exploits: 0, References: 4

Cvelist
added 2025/09/11 7:25 a.m., 20 views

CVE-2025-9633 LH Signing <= 2.83 - Cross-Site Request Forgery

The LH Signing plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.83. This is due to missing or incorrect nonce validation on the plugin_options function. This makes it possible for unauthenticated attackers to modify plugin settings via a forg...

CVSS 4.3, EPSS 0.00156
Exploits: 0, References: 4