11 matches found
RHEL 10 : libssh (RHSA-2026:18160)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:18160 advisory. libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh:...
ALSA-2026:18683 Moderate: libssh security update
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: Double Free Vulnerability in libssh Key Export Functions CVE-2025-5351 libssh: Use of uninitialized variable in privatekeyfromfile CVE-2025-4878 libssh: Write...
CVE-2026-0965
A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by providing a malicious configuration file or when the system is misconfigured. This vulnerability could lead to a Denial of Service DoS by causing the system t...
CVE-2026-0965
A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by providing a malicious configuration file or when the system is misconfigured. This vulnerability could lead to a Denial of Service DoS by causing the system t...
Linux Distros Unpatched Vulnerability : CVE-2026-0965
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by providing a malicious...
Tenda AC9 访问控制错误漏洞
Tenda AC9 is a wireless router from Tenda China. An access control error vulnerability exists in Tenda AC9 version 15.03.05.14multi, which stems from improper handling of configuration files and could lead to information disclosure...
Vvveb 安全漏洞
Vvveb is a powerful and easy-to-use CMS from Givan Individual Developers for building websites, blogs or e-commerce stores. A security vulnerability exists in Vvveb version 1.0.7.2 and earlier, which stems from a flaw in the configuration file handling component that could lead to information...
MGASA-2017-0380 Updated db48 and db53 packages fix security vulnerability
It was found that Berkeley DB reads the DBCONFIG configuration file from the current working directory by default. This happens when calling dbcreate with dbenv=NULL; or using the dbmopen function CVE-2017-10140...
Security A Hidden Benefit of iOS 4.2 Update
Apple iPhone and iPad users are buzzing about the new features that come with the latest update to the company’s iOS mobile operating system. But the update also contains dozens of fixes for security holes that could have allowed attackers to compromise the popular devices using malicious PDF...
Portmon file arbitrary read/write access vulnerability
Package: Portmon Auth: http://www.aboleo.net/ Versions: 1.7 prior ? Vulnerability: File arbitrary read/write access vulnerability Portmon is a network service monitoring daemon http://www.aboleo.net/software/portmon/. "In order to use ping support, Portmon must run as root or be installed setuid...
ezmlm-cgi/ezmlm-idx-0.40 security advisory
Summary: ezmlm-cgi is part of the ezmlm-idx-0.40.tar.gz package and allows web access to mailing list archives. When ezmlm-cgi is installed SUID user other than root, it can be used to execute arbitrary commands with the effective uid of the SUID user. Scope: Default installations of ezmlm-idx-0....