Lucene search
K

3150 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.9 views

Fedora 43 : python-cbor2 (2026-cd0bb7ac34)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-cd0bb7ac34 advisory. Backport upstream patch for CVE-2025-64076 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

7.5CVSS5.8AI score0.00413EPSS
Exploits1References2
OSV
OSV
added 2026/04/17 6:31 p.m.2 views

GHSA-574F-3G2M-X479 Bouncy Castle for Java GOST 28147 CTR mode reuses keystream after 255 blocks

The GOST 28147-2015 CTR mode implementation G3413CTRBlockCipher in the Legion of the Bouncy Castle BC-JAVA bcprov core module only increments the final byte of the counter, so the counter wraps after 255 blocks and the keystream is reused. Reusing CTR keystream allows an attacker who can observe...

9.3CVSS7.3AI score0.00313EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.14 views

Fedora 43 : mingw-LibRaw (2026-635a001215)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-635a001215 advisory. Backport patch for CVE-2026-20884. ---- Backport fixes for CVE-2026-20889 CVE-2026-21413 CVE-2026-24450 CVE-2026-24660 ---- Update to libraw-0.21.5...

9.8CVSS6.1AI score0.00746EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2026/04/07 12:0 a.m.4 views

Oracle Linux 10 : freerdp (ELSA-2026-6799)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6799 advisory. 2:3.10.3-5.5 - Fix use of nscprocessmessage - Increase timeout for TestSynchCritical Resolves: RHEL-155979 2:3.10.3-5.4 - Backport several CVE fixes...

9.8CVSS6AI score0.00656EPSS
Exploits5References15
OpenVAS
OpenVAS
added 2026/04/06 12:0 a.m.9 views

Fedora: Security Advisory (FEDORA-2026-178c482e71)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.9AI score0.00865EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/04/05 12:0 a.m.7 views

Fedora 42 : mingw-binutils (2026-fe96f3532b)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-fe96f3532b advisory. Backport fixes for multiple CVEs. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

7.5CVSS6AI score0.00502EPSS
Exploits10References13
Wired Threat Level
Wired Threat Level
added 2026/04/01 12:49 a.m.5 views

Apple Will Push Out Rare ‘Backported’ Patches to Protect iOS 18 Users From DarkSword Hacking Tool

As DarkSword spreads, Apple tells WIRED it will enable iOS 18-specific fixes for millions of iPhone owners who remain on that iOS version rather than force them to update to iOS 26...

5.9AI score
Exploits0
Oracle linux
Oracle linux
added 2026/03/30 12:0 a.m.7 views

freerdp security update

2:2.11.7-1.3 - Backport several CVE fixes Resolves: RHEL-151988, RHEL-152215...

8.8CVSS5.8AI score0.00537EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.5 views

PT-2026-27282

Name of the Vulnerable Software and Affected Versions Briefcase versions 0.3.0 through 0.3.25 Description Briefcase, a tool for converting Python projects into standalone native applications, has an issue where the installation process for Windows MSI installers, when set to install for All Users...

7.3CVSS6AI score0.00132EPSS
Exploits0References9
OSV
OSV
added 2026/03/20 11:16 p.m.5 views

DEBIAN-CVE-2026-33243

barebox is a bootloader. In barebox from version 2016.03.0 to before version 2026.03.1 and the corresponding backport to 2025.09.3, an attacker could exploit a FIT signature verification vulnerability to trick the bootloader into booting different images than those that were verified as part of a...

8.2CVSS5.7AI score0.00108EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/11 3:31 p.m.7 views

EUVD-2026-11160

Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library version 2.36 under high load on x8664 systems, the client may call memcmp on inputs that are concurrently modified by other processes or threads and crash. The nscd client in the...

6.2CVSS5.8AI score0.00146EPSS
Exploits1References5
OSV
OSV
added 2026/03/11 2:16 p.m.2 views

DEBIAN-CVE-2026-3904

Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library version 2.36 under high load on x8664 systems, the client may call memcmp on inputs that are concurrently modified by other processes or threads and crash. The nscd client in the...

6.2CVSS5.4AI score0.00146EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/03/11 1:19 p.m.4 views

CVE-2026-3904

Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library version 2.36 under high load on x8664 systems, the client may call memcmp on inputs that are concurrently modified by other processes or threads and crash. The nscd client in the...

6.2CVSS5.4AI score0.00146EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2026/03/11 1:19 p.m.4 views

CVE-2026-3904

Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library version 2.36 under high load on x8664 systems, the client may call memcmp on inputs that are concurrently modified by other processes or threads and crash. The nscd client in the...

5.8AI score0.00146EPSS
Exploits1References4
CVE
CVE
added 2026/03/11 1:19 p.m.31 views

CVE-2026-3904

The CVE-2026-3904 issue affects the GNU C Library (GLIBC) v2.36 on x86_64 where memcmp, used by an NSS-backed path accessing nscd client code, may operate on inputs concurrently modified by other threads. This undefined behavior could crash the nscd client and dependent applications. The vulnerab...

6.2CVSS5.8AI score0.00146EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/11 1:19 p.m.2 views

CVE-2026-3904

Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library version 2.36 under high load on x8664 systems, the client may call memcmp on inputs that are concurrently modified by other processes or threads and crash. The nscd client in the...

6.2CVSS5.8AI score0.00146EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/11 12:0 a.m.5 views

PT-2026-24675

Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library version 2.36 under high load on x86 64 systems, the client may call memcmp on inputs that are concurrently modified by other processes or threads and crash. The nscd client in th...

6.2CVSS5.8AI score0.00146EPSS
Exploits1References10
EUVD
EUVD
added 2026/03/05 9:30 p.m.6 views

EUVD-2025-208322

Ubuntu Linux 6.8 GA retains the legacy AFUNIX garbage collector but backports upstream commit 8594d9b85c07 "afunix: Don’t call skbget for OOB skb". When orphaned MSGOOB sockets hit unixgc, the garbage collector still calls kfreeskb as if OOB SKBs held two references; on Ubuntu Linux 6.8 Noble...

7.1CVSS6.1AI score0.00146EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/05 12:0 a.m.6 views

Fedora 42 : python-pillow (2026-0d673fa503)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-0d673fa503 advisory. Backport fix for CVE-2026-25990. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

8.6CVSS6.2AI score0.00367EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/03/03 2:51 p.m.13 views

Rancher's restricted PodSecurityPolicy does not prevent containers from running as a privileged user

Impact The restricted pod security policy PSP, provided in Rancher versions from 2.0 up to and including 2.6.3, has a deviation from the upstream restricted policy provided in Kubernetes, in which Rancher's PSP has runAsUser set to runAsAny, while upstream has runAsUser set to MustRunAsNonRoot...

5.9AI score
Exploits0References2Affected Software1
Rows per page
Query Builder