Lucene search
K

7 matches found

SUSE Linux
SUSE Linux
added 2026/03/17 4:32 p.m.6 views

Security update for kea

This update for kea fixes the following issues: Update to release 2.6.3 bsc1243240: CVE-2025-32801: Loading a malicious hook library can lead to local privilege escalation. CVE-2025-32802: Insecure handling of file paths allows multiple local attacks. CVE-2025-32803: Insecure file permissions can...

8.5CVSS5.8AI score0.00233EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/06/27 12:0 a.m.6 views

Oracle Linux 10 : kea (ELSA-2025-9178)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-9178 advisory. - Fix for: CVE-2025-32801, CVE-2025-32802, CVE-2025-32803 Tenable has extracted the preceding description block directly from the Oracle Linux securit...

7.8CVSS5.6AI score0.00233EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2025/06/20 12:0 a.m.6 views

Fedora: Security Advisory (FEDORA-2025-dc6ec0a8e2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS5.5AI score0.00233EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/05/28 5:8 p.m.20 views

CVE-2025-32802 Insecure handling of file paths allows multiple local attacks

Kea configuration and API directives can be used to overwrite arbitrary files, subject to permissions granted to Kea. Many common configurations run Kea as root, leave the API entry points unsecured by default, and/or place the control sockets in insecure paths. This issue affects Kea versions...

6.1CVSS0.00195EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/05/28 5:8 p.m.8 views

CVE-2025-32802

Kea configuration and API directives can be used to overwrite arbitrary files, subject to permissions granted to Kea. Many common configurations run Kea as root, leave the API entry points unsecured by default, and/or place the control sockets in insecure paths. This issue affects Kea versions...

6.1CVSS6.4AI score0.00195EPSS
Exploits0References1
Circl
Circl
added 2025/05/28 2:42 p.m.8 views

CVE-2025-32802

creationtimestamp| type| source ---|---|--- 2025-05-28 14:42:56+00:00| seen| https://seclists.org/oss-sec/2025/q2/176 2025-05-28 15:24:20+00:00| seen| https://seclists.org/oss-sec/2025/q2/177 2025-05-28 16:15:52+00:00| seen| https://seclists.org/oss-sec/2025/q2/178 2025-05-28 16:25:37+00:00| seen...

6.1CVSS5.7AI score0.00195EPSS
Exploits0References16
UbuntuCve
UbuntuCve
added 2025/05/28 12:0 a.m.8 views

CVE-2025-32802

Kea configuration and API directives can be used to overwrite arbitrary files, subject to permissions granted to Kea. Many common configurations run Kea as root, leave the API entry points unsecured by default, and/or place the control sockets in insecure paths. This issue affects Kea versions...

6.1CVSS5.8AI score0.00195EPSS
Exploits0References3
Rows per page
Query Builder