52711 matches found

OPENSUSE Linux
added 2026/06/08 12:0 a.m., 11 views

Security update for keybase-client (important)

openSUSE Security Update: Security update for keybase-client Announcement ID: openSUSE-SU-2026:0195-1 Rating: important References: 1227158 1253563 1253864 1254023 1258591 1260696 1266158 1266596 Cross-References: CVE-2024-24792 CVE-2025-47913 CVE-2025-47914 CVE-2025-58181 CVE-2026-26958...

9.1 CVSS, 6.8 AI score, 0.00731 EPSS
Exploits: 1, References: 8
Spring Security Advisories
added 2026/06/08 12:0 a.m., 6 views

CVE-2026-41720: Authentication Bypass with Empty Password in Spring LDAP

Spring LDAP's DirContextAuthenticationStrategy implementations do not reject a bind request where a non-empty username is paired with an empty or null password. RFC 4513 Section 5.1.2 defines this as an unauthenticated bind. On LDAP servers that permit such binds, an attacker with a valid usernam...

7.4 CVSS, 5.8 AI score, 0.00257 EPSS
Exploits: 0, References: 1, Affected Software: 1
Tenable Nessus
added 2026/06/08 12:0 a.m., 7 views

TencentOS Server 4: nginx (TSSA-2025:0724)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0724 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

5.3 CVSS, 5.7 AI score, 0.02557 EPSS
Exploits: 0, References: 2
Snyk
added 2026/06/08 12:0 a.m., 7 views

Cleartext Transmission of Sensitive Information

Overview Affected versions of this package are vulnerable to Cleartext Transmission of Sensitive Information via HTTP redirect handling in the HTTP client. An attacker can obtain sensitive credentials by causing a client configured to automatically follow redirects to follow a redirect from a...

6.9 CVSS, 5.4 AI score, 0.00172 EPSS
Exploits: 0, References: 2
GithubExploit
added 2026/06/07 9:20 p.m., 77 views

Exploit for Use After Free in Redis

redis-server from 7.2.0 until 8.6.3, the Remote Code Execution...

8.8 CVSS, 6.3 AI score, 0.01286 EPSS
Exploits: 4
Tenable Nessus
added 2026/06/07 12:0 a.m., 20 views

AlmaLinux 9 : kernel (ALSA-2026:21556)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:21556 advisory. kernel: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al CVE-2025-38653 kernel: ima: don't clear IMA_DIGSIG flag when settin...

9.4 CVSS, 6 AI score, 0.00514 EPSS
Exploits: 0, References: 21
RedhatCVE
added 2026/06/06 6:43 p.m., 15 views

CVE-2026-46389

UDS Identity Config builds the Keycloak configuration image (realm, plugins, theme, truststore, JARs) consumed by UDS Core's Identity deployment. In versions 0.11.0 through 0.26.0, a logic error in the client-kubernetes-secret Keycloak client authenticator shipped by uds-identity-config and consume...

10 CVSS, 5.4 AI score, 0.00341 EPSS
Exploits: 0, References: 1
NVD
added 2026/06/06 10:16 a.m., 14 views

CVE-2026-11406

A vulnerability was determined in GL.iNet MT3000 up to 4.4.5. This vulnerability affects unknown code of the file ovpnclient.sh of the component OpenVPN Client Import Workflow. This manipulation causes command injection. Remote exploitation of the attack is possible. The exploit has been publicly...

6.5 CVSS, 0.0123 EPSS
Exploits: 0, References: 6
EUVD
added 2026/06/06 9:15 a.m., 12 views

EUVD-2026-34963

A vulnerability was determined in GL.iNet MT3000 up to 4.4.5. This vulnerability affects unknown code of the file ovpnclient.sh of the component OpenVPN Client Import Workflow. This manipulation causes command injection. Remote exploitation of the attack is possible. The exploit has been publicly...

6.5 CVSS, 6.2 AI score, 0.0123 EPSS
Exploits: 0, References: 6
ATTACKERKB
added 2026/06/06 9:15 a.m., 10 views

CVE-2026-11406

A vulnerability was determined in GL.iNet MT3000 up to 4.4.5. This vulnerability affects unknown code of the file ovpnclient.sh of the component OpenVPN Client Import Workflow. This manipulation causes command injection. Remote exploitation of the attack is possible. The exploit has been publicly...

6.5 CVSS, 6.2 AI score, 0.0123 EPSS
Exploits: 0, References: 6, Affected Software: 1
CVE
added 2026/06/06 9:15 a.m., 33 views

CVE-2026-11406

GL.iNet MT3000 (up to firmware 4.4.5) is affected by a command-injection vulnerability in the ovpnclient.sh component of the OpenVPN Client Import Workflow. Remote exploitation is possible; exploit details have been publicly disclosed. Upgrading to 4.9.0_beta3-1012-0513-1778656146 resolves the is...

6.5 CVSS, 6.3 AI score, 0.0123 EPSS
Exploits: 0, References: 6
Vulnrichment
added 2026/06/06 9:15 a.m., 10 views

CVE-2026-11406 GL.iNet MT3000 OpenVPN Client Import Workflow ovpnclient.sh command injection

A vulnerability was determined in GL.iNet MT3000 up to 4.4.5. This vulnerability affects unknown code of the file ovpnclient.sh of the component OpenVPN Client Import Workflow. This manipulation causes command injection. Remote exploitation of the attack is possible. The exploit has been publicly...

6.5 CVSS, 6.3 AI score, 0.0123 EPSS
Exploits: 0, References: 6
Rockylinux
added 2026/06/06 6:0 a.m., 13 views

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Mozilla Thunderbird is a standalone mail and newsgroup client. Security...

9.8 CVSS, 5.5 AI score, 0.00605 EPSS
Exploits: 0
SUSE CVE
added 2026/06/06 3:26 a.m., 7 views

SUSE CVE-2025-1296

Nomad Community and Nomad Enterprise (“Nomad”) are vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs. This vulnerability, identified as CVE-2025-1296, is fixed in Nomad Community Edition 1.9.7 and Nomad Enterprise 1.9.7, 1.8.11, and 1.7.19...

6.5 CVSS, 5.8 AI score, 0.00449 EPSS
Exploits: 0, References: 3
SUSE CVE
added 2026/06/06 2:45 a.m., 10 views

SUSE CVE-2026-50259

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. XkbSetMapChecks declares a fixed-size stack buffer mapWidths[256] indexed by key type index. The helper function CheckKeyTypes writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This...

7.8 CVSS, 6 AI score, 0.00165 EPSS
Exploits: 0, References: 8
Fedora
added 2026/06/06 1:10 a.m., 14 views

[SECURITY] Fedora 43 Update: thunderbird-149.0.1-3.fc43

Mozilla Thunderbird is a standalone mail and newsgroup client...

5.5 AI score
Exploits: 0
RedhatCVE
added 2026/06/06 12:44 a.m., 16 views

CVE-2020-25900

HelloTalk through 3.4.1 stores full-precision GPS coordinates even when the user had intended to share only a country or city. Furthermore, these coordinates are placed into a database on the client of other users. The client side was changed in 2019 to encrypt that database...

5.3 CVSS, 5.5 AI score, 0.00201 EPSS
Exploits: 0, References: 1
Tenable Nessus
added 2026/06/06 12:0 a.m., 12 views

RHEL 9 : kernel (RHSA-2026:23237)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:23237 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net: use dst_dev_rcu in...

9.8 CVSS, 5.6 AI score, 0.00563 EPSS
Exploits: 0, References: 26
Tenable Nessus
added 2026/06/06 12:0 a.m., 25 views

RHEL 8 : kernel (RHSA-2026:23258)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:23258 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: smb: client: reject...

7.8 CVSS, 5.5 AI score, 0.00353 EPSS
Exploits: 4, References: 4
Tenable Nessus
added 2026/06/06 12:0 a.m., 9 views

EulerOS Virtualization 2.10.1 : python-pip (EulerOS-SA-2026-2034)

According to the versions of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in...

8.9 CVSS, 6.7 AI score, 0.02667 EPSS
Exploits: 0, References: 3