Lucene search
K

42 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-3351

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all...

5.3CVSS5.8AI score0.00141EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/04 8:18 p.m.3 views

EUVD-2026-9286

lxd's non-recursive certificate listing bypasses per-object authorization and leaks all fingerprints...

5.3CVSS5.9AI score0.00141EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/03/04 1:44 p.m.4 views

CVE-2026-3351

Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...

5.3CVSS5.9AI score0.00141EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2026/03/04 12:29 a.m.6 views

SUSE CVE-2026-3351

Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...

5.3CVSS5.8AI score0.00141EPSS
Exploits1References4
Snyk
Snyk
added 2026/03/03 3:44 p.m.2 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via the GET /1.0/certificates API endpoint. An attacker can enumerate all certificate fingerprints trusted by the server by sending crafted requests as an authenticated, restricted user. Remediation Upgrade...

5.3CVSS6AI score0.00141EPSS
Exploits1References2
NVD
NVD
added 2026/03/03 1:16 p.m.5 views

CVE-2026-3351

Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...

5.3CVSS0.00141EPSS
Exploits1References3
OSV
OSV
added 2026/03/03 1:16 p.m.6 views

UBUNTU-CVE-2026-3351

Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...

5.3CVSS5.8AI score0.00141EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2026/03/03 1:16 p.m.3 views

CVE-2026-3351

Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...

5.3CVSS7.2AI score0.00141EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2026/03/03 12:49 p.m.5 views

CVE-2026-3351

Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...

5.3CVSS7.8AI score0.00141EPSS
Exploits1
Cvelist
Cvelist
added 2026/03/03 12:49 p.m.25 views

CVE-2026-3351 Authorization Bypass in LXD GET /1.0/certificates Endpoint

Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...

5.3CVSS0.00141EPSS
Exploits1References3
OSV
OSV
added 2026/03/03 12:49 p.m.8 views

CVE-2026-3351 Authorization Bypass in LXD GET /1.0/certificates Endpoint

Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...

5.3CVSS7.1AI score0.00141EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2026/03/03 12:49 p.m.4 views

CVE-2026-3351 Authorization Bypass in LXD GET /1.0/certificates Endpoint

Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...

5.3CVSS5.9AI score0.00141EPSS
Exploits1References3
CVE
CVE
added 2026/03/03 12:49 p.m.15 views

CVE-2026-3351

CVE-2026-3351 : In Canonical LXD 6.6 on Linux, an improper authorization flaw in the API endpoint GET /1.0/certificates lets an authenticated, restricted user enumerate all certificate fingerprints trusted by the LXD server. The CVSS score is 5.3 (Medium); attack vector is network, with low attac...

5.3CVSS5.9AI score0.00141EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/03 12:49 p.m.4 views

CVE-2026-3351

Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...

5.3CVSS5.9AI score0.00141EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/03/03 12:0 a.m.6 views

LXD 安全漏洞

LXD is a Canonical open-source container-based system for managing applications on Linux systems. Version LXD 6.6 contains a security vulnerability. This vulnerability stems from an improper authorization in the API endpoint GET /1.0/certificates. It may allow authenticated, restricted users to...

5.3CVSS7.2AI score0.00141EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.4 views

PT-2026-22731

Name of the Vulnerable Software and Affected Versions Canonical LXD version 6.6 Description An authorization issue exists in the API endpoint GET /1.0/certificates. An authenticated user with restricted privileges can list all certificate fingerprints trusted by the LXD server. Recommendations...

9.9CVSS5.9AI score0.22162EPSS
Exploits70References140
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-8017

Malware in sbrugna...

9.8CVSS9.5AI score0.00887EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/06/25 12:0 a.m.4 views

iterate Cyberduck和iterate Mountain Duck 安全漏洞

iterate Cyberduck and iterate Mountain Duck are both open source file transfer clients from iterate. A security vulnerability exists in iterate Cyberduck 9.1.6 and earlier and iterate Mountain Duck 4.17.5 and earlier, which stems from the use of SHA-1 to store certificate fingerprints, which coul...

7.4CVSS6.4AI score0.00114EPSS
Exploits0References3
NVD
NVD
added 2017/03/07 3:59 p.m.18 views

CVE-2016-7145

The mauthenticate function in ircd/mauthenticate.c in nefarious2 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter...

9.8CVSS9.1AI score0.00887EPSS
Exploits0References2
OSV
OSV
added 2017/03/07 3:59 p.m.13 views

CVE-2016-7145

The mauthenticate function in ircd/mauthenticate.c in nefarious2 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter...

9.8CVSS7AI score
Exploits0References2
Rows per page
Query Builder