13 matches found
CVE-2026-48924
The CVE-2026-48924 entry concerns Jenkins Bitbucket OAuth Plugin affected in versions 0.17 and earlier. The root cause is insufficient validation of the redirect URL after login, which enables phishing attacks by deceiving users during OAuth flow. The impact is phishing risk; no exploitation deta...
OPENSUSE-SU-2026:20105-1 Security update for sbctl
This update for sbctl fixes the following issues: Changes in sbctl: - Upgrade the embedded golang.org/x/net to 0.46.0 Fixes: bsc1251399, CVE-2025-47911: various algorithms with quadratic complexity when parsing HTML documents Fixes: bsc1251609, CVE-2025-58190: excessive memory consumption by...
DEBIAN-CVE-2013-10031
Plack-Middleware-Session versions before 0.17 may be vulnerable to HMAC comparison timing attacks...
RUSTSEC-2025-0010 Versions of *ring* prior to 0.17 are unmaintained.
ring 0.16.20 was released over 4 years ago and isn't maintained, tested, etc. Additionally, the project's general policy is to only patch the latest release, which is 0.17.12 now. It will be difficult for anybody to backport future fixes to versions earlier than 0.17.10 due to license changes...
Debian rsh-client 命令注入漏洞
Debian rsh-client is a command application for the Debian community in the United States. A security vulnerability previously existed in Debian rsh-client version 0.17-24, which stemmed from netkit-rcp allowing command injection via filename...
CVE-1999-0612 affecting package finger 0.17-4
CVE-1999-0612 affecting package finger 0.17-4. A patched version of the package is available...
NetKit Privilege Permission and Access Control Vulnerabilities
NetKit is a network environment simulation system. A security vulnerability exists in the rcp.c file of the rcp client in NetKit 0.17 and earlier versions. An attacker can exploit the vulnerability to bypass access with the help of . or an empty filename to bypass access restrictions...
The vulnerability of the Gentoo Linux operating system allows a malicious intruder to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the netkit-telnetd package up to version 0.17-r3 inclusive in the Gentoo Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...
Debian Security Advisory DSA 556-2 (netkit-telnet)
The remote host is missing an update to netkit-telnet announced via advisory DSA 556-2. OpenVAS Vulnerability Test $Id: deb5562.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 556-2 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 556-1 (netkit-telnet)
The remote host is missing an update to netkit-telnet announced via advisory DSA 556-1. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
Debian DSA-697-1 : netkit-telnet - buffer overflow
Gael Delalleau discovered a buffer overflow in the handling of the LINEMODE suboptions in telnet clients. This can lead to the execution of arbitrary code when connected to a malicious server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...
PT-2004-1077 · Openssh +3 · Openssh +4
Name of the Vulnerable Software and Affected Versions: OpenSSH versions prior to 3.4p1 rsh-server-0.17 rsh-0.17 Description: The issue is related to a directory traversal vulnerability in the scp component of OpenSSH, which can be exploited by remote malicious servers to overwrite arbitrary files...
AZL-6421 CVE-1999-0150 affecting package finger for versions less than 0.17-4
The Perl fingerd program allows arbitrary command execution from remote users...