Lucene search
K

49 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.5 views

MiracleLinux 3 : krb5-1.6.1-70.AXS3 (AXSA:2012-256:02)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-256:02 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartex...

6.5CVSS6AI score0.03938EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 10:0 a.m.8 views

CVE-2020-7110

ClearPass is vulnerable to Stored Cross Site Scripting by allowing a malicious administrator, or a compromised administrator account, to save malicious scripts within ClearPass that could be executed resulting in a privilege escalation attack. Resolution: Fixed in 6.7.13, 6.8.4, 6.9.0 and higher...

4.8CVSS6.6AI score0.0062EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2025/11/18 5:11 p.m.5 views

Security update for unbound

This update for unbound fixes the following issues: CVE-2025-11411: Fixed possible domain hijacking attack. bsc1252525 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command list...

7.1CVSS7AI score0.00311EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/07 12:0 a.m.1 views

SUSE SLES12: bind / bind-chrootenv / bind-devel / bind-doc / bind-utils / etc (SUSE-SU-2025:3976-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:3976-1 advisory. - CVE-2025-40778: Address various spoofing attacks bsc1252379. Tenable has extracted the preceding description block directly from the SUSE security...

8.6CVSS6.7AI score0.00509EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-1954

Malware in sbrugna...

9.8CVSS9.5AI score0.01532EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-2261

Malicious code in bioql PyPI...

5.3CVSS6.4AI score0.00633EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2019-1010057

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nfdump 1.6.16 and earlier is affected by: Buffer Overflow. The impact is: The impact could range from a denial of service to local code execution. The component...

7.8CVSS7.2AI score0.01654EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/07/28 4:43 p.m.6 views

Moderate: Red Hat Security Advisory: Red Hat build of Keycloak 26.0.13 Update

New Red Hat build of Keycloak 26.0.13 packages are available from the Customer Portal Red Hat build of Keycloak 26.0.13 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. Security...

7.1CVSS6.1AI score0.00226EPSS
Exploits0References3
OSV
OSV
added 2025/07/23 12:43 p.m.4 views

SUSE-SU-2025:02491-1 Security update 5.0.5 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: - Security issues fixed: - CVE-2024-38822: Fixed Minion token validation bsc1244561 - CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 - CVE-2024-38824: Fixed directory...

9.6CVSS7AI score0.00982EPSS
Exploits0References26
Cvelist
Cvelist
added 2025/03/11 7:4 p.m.30 views

CVE-2025-27773 SimpleSAMLphp SAML2 library has incorrect signature verification for HTTP-Redirect binding

The SimpleSAMLphp SAML2 library is a PHP library for SAML2 related functionality. Prior to versions 4.17.0 and 5.0.0-alpha.20, there is a signature confusion attack in the HTTPRedirect binding. An attacker with any signed SAMLResponse via the HTTP-Redirect binding can cause the application to...

8.6CVSS0.00296EPSS
Exploits0References4
OSV
OSV
added 2025/02/28 2:39 p.m.15 views

SUSE-SU-2025:0744-1 Security update for openssh8.4

This update for openssh8.4 fixes the following issues: - CVE-2025-26465: Fixed a MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040. Other bugfixes: - Fix usage of local accelerator cards via openssl-ibmca bsc1216474, bsc1218871. - Add patches from upstream to change the...

6.8CVSS6.6AI score0.06997EPSS
Exploits4References11
OSV
OSV
added 2025/02/23 12:3 p.m.11 views

SUSE-SU-2025:0659-1 Security update for openssh

This update for openssh fixes the following issues: - CVE-2025-26465: Fixed a MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040. - Add a s390 specific ioctl for ECC hardware support bsc1225637: - for migration to openssh 8.4: write active/enabled switch over files only if n...

6.8CVSS6.8AI score0.06997EPSS
Exploits4References5
OSV
OSV
added 2025/02/18 4:42 p.m.25 views

SUSE-SU-2025:0585-1 Security update for openssh

This update for openssh fixes the following issues: - CVE-2025-26465: Fixed MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040. - CVE-2025-26466: Fixed DoS attack against OpenSSH's client and server bsc1237041...

6.8CVSS6.6AI score0.38474EPSS
Exploits5References5
RedhatCVE
RedhatCVE
added 2025/02/05 8:28 a.m.15 views

CVE-2024-47873

PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. The XmlScanner class has a scan method which should prevent XXE attacks. However, prior to versions 1.9.4, 2.1.3, 2.3.2, and 3.4.0, the regexes used in the scan method and the findCharSet method can be bypassed by using...

7.5CVSS6.5AI score0.0076EPSS
Exploits1References1
SUSE Linux
SUSE Linux
added 2025/01/16 1:20 p.m.1 views

Security update for xen

This update for xen fixes the following issues: CVE-2024-53241: Xen hypercall page unsafe against speculative attacks bsc1234282. Bug fixes: Update to Xen 4.18.4 security bug fix release bsc1027519 x86: Prefer ACPI reboot over UEFI ResetSystem run time service call No other changes mentioned in...

6.8CVSS8.1AI score0.00304EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2024/12/06 12:0 a.m.6 views

SUSE: Security Advisory (SUSE-SU-2024:4212-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3CVSS6.5AI score0.00209EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2024/10/30 7:56 a.m.0 views

Security update for pcp

This update for pcp fixes the following issues: pcp was updated from version 5.2.5 to version 6.2.0 jscPED-8192, jscPED-8389: Security issues fixed: CVE-2024-45770: Fixed a symlink attack that allows escalating from the pcp to the root user bsc1230552 CVE-2024-45769: Fixed a heap corruption throu...

6.7CVSS9.4AI score0.00288EPSS
Exploits0References20
Github Security Blog
Github Security Blog
added 2024/08/30 6:51 p.m.13 views

Adyen APIs Library for Python timing attack vulnerability

Adyen has utility methods for validating notification HMAC signatures. The isvalidhmac and isvalidhmacnotification methods are vulnerable to a timing attack, you should compare the hash of the HMACs instead...

7.1AI score
Exploits0References5Affected Software1
OSV
OSV
added 2024/04/26 8:4 a.m.8 views

SUSE-SU-2024:1447-1 Security update for openCryptoki

This update for openCryptoki fixes the following issues: Upgrade openCryptoki to version 3.23 jscPED-3360, jscPED-3361 EP11: Add support for FIPS-session mode CVE-2024-0914: Updates to harden against RSA timing attacks bsc1219217 Bug fixes - provide userpkcs11 and grouppkcs11 Upgrade to version...

5.9CVSS6.7AI score0.00878EPSS
Exploits0References3
OSV
OSV
added 2024/03/07 10:33 a.m.9 views

SUSE-SU-2024:0804-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: - CVE-2024-20952: Fixed RSA padding issue and timing side-channel attack against TLS 8317547 bsc1218911. - CVE-2024-20921: Fixed range check loop optimization issue 8314307 bsc1218905. - CVE-2024-20926: Fixed rbitrary Java code executio...

7.4CVSS6.7AI score0.01026EPSS
Exploits0References13
Rows per page
Query Builder