111 matches found
CVE-2025-12889
With TLS 1.2 connections a client can use any digest, specifically a weaker digest that is supported, rather than those in the CertificateRequest...
GHSA-HX2H-VJW2-8R54 DragonFly has weak integrity checks for downloaded files
Impact The DragonFly2 uses a variety of hash functions, including the MD5 hash. This algorithm does not provide collision resistance; it is secure only against preimage attacks. While these security guarantees may be enough for the DragonFly2 system, it is not completely clear if there are any...
BIT-KYVERNO-2023-47630 Attacker can cause Kyverno user to unintentionally consume insecure image
Kyverno is a policy engine designed for Kubernetes. An issue was found in Kyverno that allowed an attacker to control the digest of images used by Kyverno users. The issue would require the attacker to compromise the registry that the Kyverno users fetch their images from. The attacker could then...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: nvme-tcp: fixed potential memory corruption in nvmetcprecvpdu The nvmetcprecvpdu function does not check the validity of the header length. When header digests are enabled, a target might send a packet with an invalid header...
kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()
An unchecked buffer bounds flaw was found in the Linux kernel's NVMe TCP Fabrics driver. An attacker with the ability to send a crafted packet to an affected NVMe host could exploit this flaw to alter kernel memory, leading to an escalation of privileges or a compromise of system integrity or...
kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()
An unchecked buffer bounds flaw was found in the Linux kernel's NVMe TCP Fabrics driver. An attacker with the ability to send a crafted packet to an affected NVMe host could exploit this flaw to alter kernel memory, leading to an escalation of privileges or a compromise of system integrity or...
RockyLinux 9 : libssh (RLSA-2024:2504)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2504 advisory. libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values for...
kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()
An unchecked buffer bounds flaw was found in the Linux kernel's NVMe TCP Fabrics driver. An attacker with the ability to send a crafted packet to an affected NVMe host could exploit this flaw to alter kernel memory, leading to an escalation of privileges or a compromise of system integrity or...
kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()
An unchecked buffer bounds flaw was found in the Linux kernel's NVMe TCP Fabrics driver. An attacker with the ability to send a crafted packet to an affected NVMe host could exploit this flaw to alter kernel memory, leading to an escalation of privileges or a compromise of system integrity or...
kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()
An unchecked buffer bounds flaw was found in the Linux kernel's NVMe TCP Fabrics driver. An attacker with the ability to send a crafted packet to an affected NVMe host could exploit this flaw to alter kernel memory, leading to an escalation of privileges or a compromise of system integrity or...
kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()
An unchecked buffer bounds flaw was found in the Linux kernel's NVMe TCP Fabrics driver. An attacker with the ability to send a crafted packet to an affected NVMe host could exploit this flaw to alter kernel memory, leading to an escalation of privileges or a compromise of system integrity or...
kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()
An unchecked buffer bounds flaw was found in the Linux kernel's NVMe TCP Fabrics driver. An attacker with the ability to send a crafted packet to an affected NVMe host could exploit this flaw to alter kernel memory, leading to an escalation of privileges or a compromise of system integrity or...
AIDE 0.19
AIDE Advanced Intrusion Detection Environment is a free replacement for Tripwiretm. It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms ...
CVE-2025-21927 nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()
In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix potential memory corruption in nvmetcprecvpdu nvmetcprecvpdu doesn't check the validity of the header length. When header digests are enabled, a target might send a packet with an invalid header length e.g. 255,...
CVE-2025-24882 regclient may ignore pinned manifest digests
regclient is a Docker and OCI Registry Client in Go. A malicious registry could return a different digest for a pinned manifest without detection. This vulnerability is fixed in 0.7.1...
GO-2024-3038 In regclient, pinned manifest digests may be ignored in github.com/regclient/regclient
In regclient, pinned manifest digests may be ignored in github.com/regclient/regclient...
GHSA-QV35-3GW6-8Q4J In regclient, pinned manifest digests may be ignored
Impact A malicious registry could return a different digest for a pinned manifest without detection. Patches This has been fixed in the v0.7.1 release. Workarounds After running a regclient.ManifestGet, the returned digest can be compared to the requested digest...
libssh security update
An update is available for libssh. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libssh is a library which implements the SSH protocol. It can be used to...
Rocky Linux 8 : libssh (RLSA-2024:3233)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3233 advisory. libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values for...
Fedora: Security Advisory for rust-uu_hashsum (FEDORA-2024-40ee18b2e7)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...