11 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-6873
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. django.http.HttpRequest.get_signed_cookie in Django uses a non-injective salt derivation...
CVE-2023-7346
Technical details (affected versions, exploit methods, mitigations) are not publicly provided in the supplied documents. Monitor for updates from official sources.
PT-2026-33856
HKUDS OpenHarness prior to PR 159 remediation contains a session key derivation vulnerability that allows authenticated participants in shared chats or threads to hijack other users' sessions by exploiting a shared ohmo session key that lacks sender identity verification. Attackers can reuse...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libssh (UTSA-2025-990914)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990914 advisory. A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf function responsible for key derivation. Due to inconsiste...
EulerOS 2.0 SP11 : libssh (EulerOS-SA-2025-2233)
According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf function responsible for key derivation...
EulerOS 2.0 SP11 : libssh (EulerOS-SA-2025-2201)
According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf function responsible for key derivation...
OESA-2025-2128 libssh security update
The ssh library was designed to be used by programmers needing a working SSH implementation by means of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...
CBL Mariner 2.0 Security Update: libssh (CVE-2025-5372)
The version of libssh installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-5372 advisory. - A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf...
Azure Linux 3.0 Security Update: libssh (CVE-2025-5372)
The version of libssh installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-5372 advisory. - A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf...
CVE-2025-5372
A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf function responsible for key derivation. Due to inconsistent interpretation of return values, where OpenSSL uses 0 to indicate failure and libssh uses 0 for success, the function may mistakenl...
Enc Security Enc DataVault Information Disclosure Vulnerability
Enc Security Enc DataVault is a solution from the Dutch company Enc Security. It turns any USB drive into a secure removable disk for important files. An information disclosure vulnerability exists in Enc Security ENC DataVault 7.1.1W, which stems from VaultAPI v67 incorrectly handling key derivatio...