7 matches found
CVE-2026-48855
A flaw was found in Erlang OTP ssh, specifically within the sshsftpd module. An authenticated SFTP client can exploit this vulnerability by creating a symbolic link symlink inside a restricted directory chroot that points to the root directory. When the client reads this symlink, the sshsftpd...
GHSA-PV58-549P-QH99 OpenClaw allows unauthenticated discovery TXT records to steer routing and TLS pinning
Summary Discovery beacons Bonjour/mDNS and DNS-SD include TXT records such as lanHost, tailnetDns, gatewayPort, and gatewayTlsSha256. TXT records are unauthenticated. Prior to the fix, some clients treated TXT values as authoritative routing/pinning inputs: - iOS and macOS: used TXT-provided host...
CVE-2018-12434
LibreSSL before 2.6.5 and 2.7.x before 2.7.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to either the local machine or a different virtual machine on the same physical ho...
CVE-2025-13978
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.5 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to discover the names of private projects they do not have access through API requests...
EUVD-2018-2256
Malware in sbrugna...
Vulnerabilities fixed in Clustered Data ONTAP
NetApp has fixed two vulnerabilities. An unauthorized malicious party can use the vulnerabilities to discover the presence of data, which is stored outside his authorizations. stored. NetApp has released updates to fix the vulnerabilities in Clustered Data ONTAP. For more information, see:...
Stunnel: RSA timing attacks / key discovery
Release Date: 2003-Mar-21 Package: stunnel Versions: Stunnel 3.x x = 22 Stunnel 4.x x = 04 Problem type: Key discovery / Information Leakage Exploit script: None publicly available Severity: High Network-accessible: yes Network-accessible: yes Discovery: D. Boneh, D. Brumley Writeup: Brian Hatch...