Lucene search
K

111 matches found

AlpineLinux
AlpineLinux
added 2025/11/21 11:6 p.m.4 views

CVE-2025-12889

With TLS 1.2 connections a client can use any digest, specifically a weaker digest that is supported, rather than those in the CertificateRequest...

5.4CVSS6.8AI score0.00127EPSS
Exploits0
OSV
OSV
added 2025/09/17 8:11 p.m.3 views

GHSA-HX2H-VJW2-8R54 DragonFly has weak integrity checks for downloaded files

Impact The DragonFly2 uses a variety of hash functions, including the MD5 hash. This algorithm does not provide collision resistance; it is secure only against preimage attacks. While these security guarantees may be enough for the DragonFly2 system, it is not completely clear if there are any...

6.9CVSS6.9AI score0.00152EPSS
Exploits0References5
OSV
OSV
added 2025/09/12 11:42 a.m.4 views

BIT-KYVERNO-2023-47630 Attacker can cause Kyverno user to unintentionally consume insecure image

Kyverno is a policy engine designed for Kubernetes. An issue was found in Kyverno that allowed an attacker to control the digest of images used by Kyverno users. The issue would require the attacker to compromise the registry that the Kyverno users fetch their images from. The attacker could then...

7.1CVSS6.9AI score0.00261EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: nvme-tcp: fixed potential memory corruption in nvmetcprecvpdu The nvmetcprecvpdu function does not check the validity of the header length. When header digests are enabled, a target might send a packet with an invalid header...

7.8CVSS6.5AI score0.00209EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/05/13 4:4 p.m.7 views

kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()

An unchecked buffer bounds flaw was found in the Linux kernel's NVMe TCP Fabrics driver. An attacker with the ability to send a crafted packet to an affected NVMe host could exploit this flaw to alter kernel memory, leading to an escalation of privileges or a compromise of system integrity or...

7.8CVSS7.2AI score0.00209EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/05/13 2:12 p.m.5 views

kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()

An unchecked buffer bounds flaw was found in the Linux kernel's NVMe TCP Fabrics driver. An attacker with the ability to send a crafted packet to an affected NVMe host could exploit this flaw to alter kernel memory, leading to an escalation of privileges or a compromise of system integrity or...

7.8CVSS7.2AI score0.00209EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/05/07 12:0 a.m.5 views

RockyLinux 9 : libssh (RLSA-2024:2504)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2504 advisory. libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values for...

5.3CVSS6.6AI score0.01421EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/05/06 3:55 p.m.14 views

kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()

An unchecked buffer bounds flaw was found in the Linux kernel's NVMe TCP Fabrics driver. An attacker with the ability to send a crafted packet to an affected NVMe host could exploit this flaw to alter kernel memory, leading to an escalation of privileges or a compromise of system integrity or...

7.8CVSS7.2AI score0.00209EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/05/06 12:56 a.m.8 views

kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()

An unchecked buffer bounds flaw was found in the Linux kernel's NVMe TCP Fabrics driver. An attacker with the ability to send a crafted packet to an affected NVMe host could exploit this flaw to alter kernel memory, leading to an escalation of privileges or a compromise of system integrity or...

7.8CVSS7.2AI score0.00209EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/04/30 7:12 a.m.2 views

kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()

An unchecked buffer bounds flaw was found in the Linux kernel's NVMe TCP Fabrics driver. An attacker with the ability to send a crafted packet to an affected NVMe host could exploit this flaw to alter kernel memory, leading to an escalation of privileges or a compromise of system integrity or...

7.8CVSS7.2AI score0.00209EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/04/30 1:14 a.m.9 views

kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()

An unchecked buffer bounds flaw was found in the Linux kernel's NVMe TCP Fabrics driver. An attacker with the ability to send a crafted packet to an affected NVMe host could exploit this flaw to alter kernel memory, leading to an escalation of privileges or a compromise of system integrity or...

7.8CVSS7.2AI score0.00209EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/04/30 12:47 a.m.10 views

kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()

An unchecked buffer bounds flaw was found in the Linux kernel's NVMe TCP Fabrics driver. An attacker with the ability to send a crafted packet to an affected NVMe host could exploit this flaw to alter kernel memory, leading to an escalation of privileges or a compromise of system integrity or...

7.8CVSS7.2AI score0.00209EPSS
Exploits0References5
Packet Storm News
Packet Storm News
added 2025/04/07 12:0 a.m.7 views

AIDE 0.19

AIDE Advanced Intrusion Detection Environment is a free replacement for Tripwiretm. It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms ...

7AI score
Exploits0
Vulnrichment
Vulnrichment
added 2025/04/01 3:40 p.m.1 views

CVE-2025-21927 nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix potential memory corruption in nvmetcprecvpdu nvmetcprecvpdu doesn't check the validity of the header length. When header digests are enabled, a target might send a packet with an invalid header length e.g. 255,...

7.8AI score0.00209EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/01/29 5:40 p.m.16 views

CVE-2025-24882 regclient may ignore pinned manifest digests

regclient is a Docker and OCI Registry Client in Go. A malicious registry could return a different digest for a pinned manifest without detection. This vulnerability is fixed in 0.7.1...

5.2CVSS5.1AI score0.00172EPSS
Exploits0References2
OSV
OSV
added 2024/08/06 10:3 p.m.8 views

GO-2024-3038 In regclient, pinned manifest digests may be ignored in github.com/regclient/regclient

In regclient, pinned manifest digests may be ignored in github.com/regclient/regclient...

5.2CVSS5.1AI score0.00172EPSS
Exploits0References2
OSV
OSV
added 2024/08/05 2:46 p.m.8 views

GHSA-QV35-3GW6-8Q4J In regclient, pinned manifest digests may be ignored

Impact A malicious registry could return a different digest for a pinned manifest without detection. Patches This has been fixed in the v0.7.1 release. Workarounds After running a regclient.ManifestGet, the returned digest can be compared to the requested digest...

5.8CVSS5.1AI score0.00172EPSS
Exploits0References5
Rockylinux
Rockylinux
added 2024/06/14 1:59 p.m.29 views

libssh security update

An update is available for libssh. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libssh is a library which implements the SSH protocol. It can be used to...

5.3CVSS7.2AI score0.01421EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/06/14 12:0 a.m.32 views

Rocky Linux 8 : libssh (RLSA-2024:3233)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3233 advisory. libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values for...

5.3CVSS6.6AI score0.01421EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2024/06/07 12:0 a.m.8 views

Fedora: Security Advisory for rust-uu_hashsum (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Rows per page
Query Builder