Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/06/12 2:35 p.m.12 views

CVE-2026-48855

A flaw was found in Erlang OTP ssh, specifically within the sshsftpd module. An authenticated SFTP client can exploit this vulnerability by creating a symbolic link symlink inside a restricted directory chroot that points to the root directory. When the client reads this symlink, the sshsftpd...

6.5CVSS5.2AI score0.00277EPSS
Exploits0References8
OSV
OSV
added 2026/02/18 12:33 a.m.3 views

GHSA-PV58-549P-QH99 OpenClaw allows unauthenticated discovery TXT records to steer routing and TLS pinning

Summary Discovery beacons Bonjour/mDNS and DNS-SD include TXT records such as lanHost, tailnetDns, gatewayPort, and gatewayTlsSha256. TXT records are unauthenticated. Prior to the fix, some clients treated TXT values as authoritative routing/pinning inputs: - iOS and macOS: used TXT-provided host...

7.1CVSS5.6AI score0.001EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 12:27 p.m.11 views

CVE-2018-12434

LibreSSL before 2.6.5 and 2.7.x before 2.7.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to either the local machine or a different virtual machine on the same physical ho...

4.7CVSS6.3AI score0.00321EPSS
Exploits0References1
NVD
NVD
added 2025/12/11 4:15 a.m.6 views

CVE-2025-13978

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.5 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to discover the names of private projects they do not have access through API requests...

4.3CVSS0.00259EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-2256

Malware in sbrugna...

5.3CVSS5.6AI score0.01113EPSS
Exploits1References2
NCSC
NCSC
added 2021/02/02 12:0 a.m.6 views

Vulnerabilities fixed in Clustered Data ONTAP

NetApp has fixed two vulnerabilities. An unauthorized malicious party can use the vulnerabilities to discover the presence of data, which is stored outside his authorizations. stored. NetApp has released updates to fix the vulnerabilities in Clustered Data ONTAP. For more information, see:...

3.5CVSS7.1AI score0.00548EPSS
Exploits0
securityvulns
securityvulns
added 2003/03/22 12:0 a.m.28 views

Stunnel: RSA timing attacks / key discovery

Release Date: 2003-Mar-21 Package: stunnel Versions: Stunnel 3.x x = 22 Stunnel 4.x x = 04 Problem type: Key discovery / Information Leakage Exploit script: None publicly available Severity: High Network-accessible: yes Network-accessible: yes Discovery: D. Boneh, D. Brumley Writeup: Brian Hatch...

6.9AI score
Exploits0
Rows per page
Query Builder