58 matches found
Oracle Linux 8 : kernel (ELSA-2026-16195)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-16195 advisory. 4.18.0-553.124.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to t...
kernel security update
4.18.0-553.85.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
EUVD-2010-3847
Malware in sbrugna...
EUVD-2025-19609
Malicious code in bioql PyPI...
CVE-2025-6224
Certificate generation in juju/utils using the cert.NewLeaf function could include private information. If this certificate were then transferred over the network in plaintext, an attacker listening on that network could sniff the certificate and trivially extract the private key from it...
CVE-2025-6224
CVE-2025-6224 affects juju/utils (cert.NewLeaf). The issue allows a certificate generated by cert.NewLeaf to reveal the private key if the cert is later sent in plaintext over the network. Multiple sources (NVD, Red Hat, OSV, GHSA) confirm the leak in juju/utils and reference the same root cause....
Canonical Juju utils 安全漏洞
Canonical Juju utils is an open source package from Canonical Juju. A security vulnerability exists in Canonical Juju utils, which stems from the fact that private information may be included in the certificate generation process, which could lead to private key disclosure...
CVE-2024-45179
An issue was discovered in za-internet C-MOR Video Surveillance 5.2401 and 6.00PL01. Due to insufficient input validation, the C-MOR web interface is vulnerable to OS command injection attacks. It was found out that different functionality is vulnerable to OS command injection attacks, for exampl...
FIWARE Keyrock 安全漏洞
FIWARE Keyrock is a FIWARE open source component responsible for identity management. An operating system command injection vulnerability exists in FIWARE Keyrock 8.4 and earlier versions, which stems from the function generateappcertificates in lib/appcertificates.js not being properly...
Exploit for Improper Input Validation in Paloaltonetworks Pan-Os
CVE-2024-3400-pot Simple honeypot for CVE-2024-3400 Palo Alto...
CVE-2023-34214
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation in the certificate-generation function, which could potentially allow malicious...
CVE-2023-34214
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation in the certificate-generation function, which could potentially allow malicious...
Command injection
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation in the certificate-generation function, which could potentially allow malicious...
Mozilla: Use-after-free in WebRTC certificate generation
The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS...
Mozilla: Use-after-free in WebRTC certificate generation
The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS...
Mozilla: Use-after-free in WebRTC certificate generation
The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS...
Mozilla: Use-after-free in WebRTC certificate generation
The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS...
Mozilla: Use-after-free in WebRTC certificate generation
The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS...
Mozilla: Use-after-free in WebRTC certificate generation
The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS...
Mozilla: Use-after-free in WebRTC certificate generation
The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS...