Lucene search
K

102 matches found

OSV
OSV
added 6 days ago5 views

GHSA-QPW4-5X99-6VJP golang.org/x/crypto/ssh: Invoking memory leak when rejecting channels can lead to DoS

An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection's internal state and released for...

6.5CVSS5.8AI score0.00196EPSS
Exploits0References6
Packet Storm News
Packet Storm News
added 2026/05/21 12:0 a.m.11 views

A First Measurement Study on Authentication Security in Real-World Remote MCP Servers

The Model Context Protocol MCP is emerging as a common interface connecting large language models LLMs with external services. Remote deployments are becoming increasingly important as agents connect to user-linked online services, such as social, productivity, and financial services. In such...

5.8AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/19 6:4 a.m.12 views

CVE-2026-8830

A flaw was found in Keycloak. An authenticated user can bypass configured WebAuthn policies during credential registration by manipulating client-side JavaScript. This occurs because the server-side processAction fails to validate that the newly created credential's parameters, such as public key...

4.3CVSS5.8AI score0.00392EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/05/07 9:47 a.m.11 views

CVE-2026-43862

A flaw was found in mutt, an email client. The imapauthgss security level, which is used for secure IMAP Internet Message Access Protocol authentication, is mishandled. This vulnerability could allow an attacker to bypass certain security protections, potentially leading to a low impact on data...

3.7CVSS5.8AI score0.00162EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/03 9:31 p.m.2 views

EUVD-2026-18857

Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to intercept or hijack authentication sessions due to insufficient protections in the browser-based authentication flows. To remediat...

9.1CVSS5.9AI score0.00473EPSS
Exploits0References7
EUVD
EUVD
added 2026/03/23 3:30 p.m.2 views

EUVD-2026-14421

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement rate limiting or account lockout on the authentication interface...

7.7CVSS5.8AI score0.00333EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/21 12:42 a.m.2 views

CVE-2026-32897 OpenClaw < 2026.2.22 - Authentication Token Reuse in Owner ID Prompt Hashing Fallback

OpenClaw versions prior to 2026.2.22 reuse gateway.auth.token as a fallback hash secret for owner-ID prompt obfuscation when commands.ownerDisplay is set to hash and commands.ownerDisplaySecret is unset, creating dual-use of authentication secrets across security domains. Attackers with access to...

6.3CVSS5.8AI score0.00262EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/25 12:0 a.m.6 views

PT-2026-21977

Name of the Vulnerable Software and Affected Versions OpenEMR versions prior to 8.0.0 Description OpenEMR is an electronic health records and medical practice management application. Prior to version 8.0.0, the session expiration check within the library/auth.inc.php file could be bypassed...

7.5CVSS5.3AI score0.00312EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-3765

Malware in sbrugna...

9.8CVSS9.3AI score0.01381EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-2360

Malware in sbrugna...

5CVSS6.2AI score0.00906EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-8599

Malware in sbrugna...

9.8CVSS9.2AI score0.01438EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-6741

Malware in sbrugna...

8.1CVSS8.1AI score0.00963EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-8050

Malware in sbrugna...

4.3CVSS4.9AI score0.00464EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-5546

Malware in sbrugna...

8.3CVSS6.2AI score0.02988EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-19738

Malware in sbrugna...

8.8CVSS8.6AI score0.00453EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-1390

Malware in sbrugna...

5.9CVSS5.8AI score0.02008EPSS
Exploits3References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-14879

Malware in sbrugna...

10CVSS9.5AI score0.02306EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-6979

Malware in sbrugna...

10CVSS6.4AI score0.06251EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-4003

Malware in sbrugna...

6.8CVSS6.4AI score0.00694EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-7801

Malware in sbrugna...

9.8CVSS9.2AI score0.01304EPSS
Exploits1References2
Rows per page
Query Builder