Lucene search
K

262 matches found

RedHat Linux
RedHat Linux
added 2026/04/02 12:33 p.m.13 views

openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables

A flaw was found in the OpenSSH GSSAPI Generic Security Service Application Program Interface delta patches, as included in various Linux distributions. A remote attacker could exploit this by sending an unexpected GSSAPI message type during the key exchange process. This occurs because the...

8.2CVSS6.2AI score0.0218EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/02 12:33 p.m.23 views

Important: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

8.2CVSS5.9AI score0.0218EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/04/02 12:9 p.m.10 views

openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables

A flaw was found in the OpenSSH GSSAPI Generic Security Service Application Program Interface delta patches, as included in various Linux distributions. A remote attacker could exploit this by sending an unexpected GSSAPI message type during the key exchange process. This occurs because the...

8.2CVSS7AI score0.0218EPSS
Exploits0References6
OSV
OSV
added 2026/04/02 12:0 a.m.5 views

ALSA-2026:6461 Important: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized...

8.2CVSS6.6AI score0.0218EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2026/04/02 12:0 a.m.5 views

Important: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized...

8.2CVSS6.7AI score0.0218EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2026/04/02 12:0 a.m.5 views

Important: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized...

8.2CVSS6.7AI score0.0218EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/31 12:0 a.m.6 views

CentOS 9 : openssh-9.9p1-7.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the openssh-9.9p1-7.el9 build changelog. - Fix information disclosure or denial of service due to uninitialized variables in gssapi-keyex CVE-2026-3497 Note that Nessus has not tested for...

8.2CVSS6.8AI score0.0218EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 11:16 a.m.3 views

CVE-2026-23282

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to uninitialised var in smb2unlink If SMB2openinit or SMB2closeinit fails e.g. reconnect, the iovs set @rqst will be left uninitialised, hence calling SMB2openfree, SMB2closefree or smb2setrelated on the...

5.5CVSS0.00121EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from uninitialized variables, potentially leading to kernel crashes...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.5 views

CentOS 9 : openssh-9.9p1-5.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the openssh-9.9p1-5.el9 build changelog. - Fix information disclosure or denial of service due to uninitialized variables in gssapi-keyex CVE-2026-3497 Note that Nessus has not tested for...

8.2CVSS5.9AI score0.0218EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/21 12:0 a.m.7 views

Fedora 42 : openssh (2026-39819a3d62)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-39819a3d62 advisory. - CVE-2026-3497: Fix information disclosure or denial of service due to uninitialized variables in gssapi- keyex Tenable has extracted the preceding...

8.2CVSS6.9AI score0.0218EPSS
Exploits0References2
OSV
OSV
added 2026/03/12 7:16 p.m.2 views

DEBIAN-CVE-2026-3497

Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself. The usage of sshpktdisconnect on an error, which does not terminate the...

7.5CVSS6.9AI score0.0218EPSS
Exploits0References1
NVD
NVD
added 2026/03/12 7:16 p.m.5 views

CVE-2026-3497

Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself. The usage of sshpktdisconnect on an error, which does not terminate the...

8.2CVSS0.0218EPSS
Exploits0References42
ATTACKERKB
ATTACKERKB
added 2026/03/12 6:27 p.m.14 views

CVE-2026-3497

Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself. The usage of sshpktdisconnect on an error, which does not terminate the...

6.9CVSS6AI score0.0218EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/03/12 6:27 p.m.2 views

CVE-2026-3497

Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself. The usage of sshpktdisconnect on an error, which does not terminate the...

8.2CVSS6.9AI score0.0218EPSS
Exploits0
OSV
OSV
added 2026/03/12 6:0 p.m.4 views

UBUNTU-CVE-2026-3497

Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself. The usage of sshpktdisconnect on an error, which does not terminate the...

8.2CVSS6.8AI score0.0218EPSS
Exploits0References4
Rosalinux
Rosalinux
added 2026/02/16 12:24 p.m.9 views

Advisory ROSA-SA-2026-3196

Software: opensc 0.20.0 OS: ROSA Virtualization 2.1 unaffected versions = opensc-0.20.0-8.0.1.rv3 affected versions opensc-0.20.0-8.0.1.rv3 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc...

5.3CVSS6AI score0.02725EPSS
Exploits0
Rosalinux
Rosalinux
added 2026/02/16 10:56 a.m.6 views

Advisory ROSA-SA-2026-3178

Software: opensc 0.20.0 OS: ROSA Virtualization 3.0 unaffected versions = opensc-0.20.0-8.0.1.rv30 affected versions opensc-0.20.0-8.0.1.rv30 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc...

5.3CVSS6AI score0.02725EPSS
Exploits0
Rosalinux
Rosalinux
added 2026/02/16 7:27 a.m.6 views

Advisory ROSA-SA-2026-3158

Software: opensc 0.20.0 OS: ROSA Virtualization 3.1 unaffected versions = opensc-0.20.0-8.0.1.rv31 affected versions opensc-0.20.0-8.0.1.rv31 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc...

5.3CVSS6AI score0.02725EPSS
Exploits0
CNNVD
CNNVD
added 2026/02/16 12:0 a.m.6 views

Dassault Systèmes SOLIDWORKS eDrawings 安全漏洞

Dassault Systèmes SOLIDWORKS eDrawings is a collaboration tool provided by Dassault Systèmes, a French company, for viewing, sharing, and annotating 2D/3D design files. There are security vulnerabilities in the SOLIDWORKS eDrawings SOLIDWORKS Desktop 2025 version up to the SOLIDWORKS Desktop 2026...

7.8CVSS7.3AI score0.00199EPSS
Exploits0References1
Rows per page
Query Builder