6 matches found
CVE-2026-33053 Langflow has Missing Ownership Verification in API Key Deletion (IDOR)
Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the deleteapikeyroute endpoint accepts an apikeyid path parameter and deletes it with only a generic authentication check getcurrentactiveuser dependency. However, the deleteapikey CRUD...
RHEL 9 : libssh (RHSA-2023:6643)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6643 advisory. libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh:...
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2023-2759)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : libssh (EulerOS-SA-2023-2616)
According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a...
EulerOS 2.0 SP10 : libssh (EulerOS-SA-2023-2358)
According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a...
CVE-2014-9422
CVE-2014-9422 affects MIT Kerberos (krb5) kadmind, where the two‑component server principal check can be bypassed by remote authenticated users using a principal starting with or containing a kadmind-related string (e.g., “ka/x”). The issue stems from the check_rpcsec_auth path in kadmind, enabli...