Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:30 a.m.5 views

CVE-2023-43660

Warpgate is a smart SSH, HTTPS and MySQL bastion host for Linux that doesn't need special client apps. The SSH key verification for a user can be bypassed by sending an SSH key offer without a signature. This allows bypassing authentication under following conditions: 1. The attacker knows the...

8.1CVSS6.8AI score0.00253EPSS
Exploits0References1
Snyk
Snyk
added 2025/03/18 3:17 p.m.1 views

Improper Privilege Management

Overview Affected versions of this package are vulnerable to Improper Privilege Management when handling namespace scopes for BMCEventSubscription. A user with namespace level roles can access and manipulate secrets from unauthorized namespaces by creating a BMCEventSubscription in a namespace th...

8.2CVSS6.8AI score0.00169EPSS
Exploits0References3
OSV
OSV
added 2025/01/06 7:23 p.m.15 views

GHSA-237R-R8M4-4Q88 Guzzle OAuth Subscriber has insufficient nonce entropy

Impact Nonce generation does not use sufficient entropy nor a cryptographically secure pseudorandom source https://github.com/guzzle/oauth-subscriber/blob/0.8.0/src/Oauth1.phpL192. This can leave servers vulnerable to replay attacks when TLS is not used. Patches Upgrade to version 0.8.1 or higher...

6.3CVSS4.9AI score0.00443EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/01/06 12:0 a.m.5 views

PT-2025-4303 · Unknown · Guzzle Oauth Subscriber

Name of the Vulnerable Software and Affected Versions: Guzzle OAuth Subscriber versions prior to 0.8.1 Description: The issue concerns the Guzzle OAuth Subscriber, which signs Guzzle requests using OAuth 1.0. Prior to version 0.8.1, the Nonce generation does not utilize sufficient entropy nor a...

6.3CVSS7AI score0.00443EPSS
Exploits0References10
OSV
OSV
added 2023/04/11 2:15 p.m.2 views

UBUNTU-CVE-2023-0645

An out of bounds read exists in libjxl. An attacker using a specifically crafted file could cause an out of bounds read in the exif handler. We recommend upgrading to version 0.8.1 or past commit https://github.com/libjxl/libjxl/pull/2101/commits/d95b050c1822a5b1ede9e0dc937e43fca1b10159...

9.1CVSS7.3AI score0.00802EPSS
Exploits0References3
Rows per page
Query Builder