42 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-3351
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all...
EUVD-2026-9286
lxd's non-recursive certificate listing bypasses per-object authorization and leaks all fingerprints...
CVE-2026-3351
Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...
SUSE CVE-2026-3351
Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization via the GET /1.0/certificates API endpoint. An attacker can enumerate all certificate fingerprints trusted by the server by sending crafted requests as an authenticated, restricted user. Remediation Upgrade...
CVE-2026-3351
Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...
UBUNTU-CVE-2026-3351
Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...
CVE-2026-3351
Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...
CVE-2026-3351
Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...
CVE-2026-3351 Authorization Bypass in LXD GET /1.0/certificates Endpoint
Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...
CVE-2026-3351 Authorization Bypass in LXD GET /1.0/certificates Endpoint
Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...
CVE-2026-3351 Authorization Bypass in LXD GET /1.0/certificates Endpoint
Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...
CVE-2026-3351
CVE-2026-3351 : In Canonical LXD 6.6 on Linux, an improper authorization flaw in the API endpoint GET /1.0/certificates lets an authenticated, restricted user enumerate all certificate fingerprints trusted by the LXD server. The CVSS score is 5.3 (Medium); attack vector is network, with low attac...
CVE-2026-3351
Improper authorization in the API endpoint GET /1.0/certificates in Canonical LXD 6.6 on Linux allows an authenticated, restricted user to enumerate all certificate fingerprints trusted by the lxd server...
LXD 安全漏洞
LXD is a Canonical open-source container-based system for managing applications on Linux systems. Version LXD 6.6 contains a security vulnerability. This vulnerability stems from an improper authorization in the API endpoint GET /1.0/certificates. It may allow authenticated, restricted users to...
PT-2026-22731
Name of the Vulnerable Software and Affected Versions Canonical LXD version 6.6 Description An authorization issue exists in the API endpoint GET /1.0/certificates. An authenticated user with restricted privileges can list all certificate fingerprints trusted by the LXD server. Recommendations...
EUVD-2016-8017
Malware in sbrugna...
iterate Cyberduck和iterate Mountain Duck 安全漏洞
iterate Cyberduck and iterate Mountain Duck are both open source file transfer clients from iterate. A security vulnerability exists in iterate Cyberduck 9.1.6 and earlier and iterate Mountain Duck 4.17.5 and earlier, which stems from the use of SHA-1 to store certificate fingerprints, which coul...
CVE-2016-7145
The mauthenticate function in ircd/mauthenticate.c in nefarious2 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter...
CVE-2016-7145
The mauthenticate function in ircd/mauthenticate.c in nefarious2 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter...