Lucene search
+L

37 matches found

nessus
nessus
added 2026/07/07 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-44362

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology...

5.5CVSS6.2AI score0.00122EPSS
Exploits0References3
nvd
nvd
added 2026/07/06 8:16 p.m.6 views

CVE-2026-44362

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.20.0 and prior to version 4.11.0, a vulnerability in OP-TEE’s subkey rollback protection allows the use of revoked ...

5.5CVSS0.00122EPSS
Exploits0References1
euvd
euvd
added 2026/07/06 7:33 p.m.6 views

EUVD-2026-41911

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.20.0 and prior to version 4.11.0, a vulnerability in OP-TEE’s subkey rollback protection allows the use of revoked ...

5.5CVSS6AI score0.00122EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/07/06 12:0 a.m.10 views

PT-2026-55976

Name of the Vulnerable Software and Affected Versions OP-TEE versions 3.20.0 through 4.10.x Description OP-TEE is a Trusted Execution Environment TEE designed as a companion to a non-secure Linux kernel running on Arm Cortex-A cores using TrustZone technology. A flaw in the subkey rollback...

5.5CVSS6.1AI score0.00122EPSS
Exploits0References6
euvd
euvd
added 2026/06/19 2:34 p.m.12 views

EUVD-2026-37758

undici vulnerable to Set-Cookie SameSite attribute downgrade via permissive substring matching...

3.7CVSS5.8AI score0.00248EPSS
Exploits0References3
cnnvd
cnnvd
added 2026/05/11 12:0 a.m.12 views

Grav 安全漏洞

Grav is a scalable content management system CMS developed by the Grav open-source community, suitable for use in personal blogs, small content publishing platforms, and single-page product displays. Versions of Grav prior to 2.0.0-beta.2 contained security vulnerabilities. These vulnerabilities...

8.1CVSS5.8AI score0.00463EPSS
Exploits1References2
nessus
nessus
added 2026/05/04 12:0 a.m.14 views

RHCOS 2 : node.js (RHSA-2015:1546)

The remote Red Hat Enterprise Linux CoreOS 2 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2015:1546 advisory. - SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack CVE-2014-3566 Note that Nessus has not tested for this issue but has instead...

4.3CVSS6.8AI score0.99999EPSS
Exploits7References4
euvd
euvd
added 2026/03/16 3:30 p.m.9 views

EUVD-2026-12309

Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.69.15 allows remote attackers to configure a downgraded scheme for authentication...

7.1CVSS5.9AI score0.00168EPSS
Exploits0References2
cvelist
cvelist
added 2026/03/16 4:32 a.m.28 views

CVE-2026-20996

Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.69.15 allows remote attackers to configure a downgraded scheme for authentication...

7.1CVSS0.00168EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/03/16 12:0 a.m.17 views

SAMSUNG Smart Switch 安全漏洞

SAMSUNG Smart Switch is a data migration tool developed by South Korea’s Samsung Corporation. Versions of SAMSUNG Smart Switch prior to 3.7.69.15 contained security vulnerabilities. These vulnerabilities stemmed from the use of defective or insecure encryption algorithms, which could allow remote...

7.1CVSS5.8AI score0.00168EPSS
Exploits0References1
nessus
nessus
added 2025/08/30 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-2242

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An improper access control vulnerability in GitLab CE/EE affecting all versions from 17.4 prior to 17.8.6, 17.9 prior to 17.9.3, and 17.10 prior to 17.10.1 allo...

8.8CVSS5.5AI score0.00352EPSS
Exploits0References2
osv
osv
added 2025/03/27 12:30 p.m.3 views

CVE-2025-2242 Incorrect Authorization in GitLab

An improper access control vulnerability in GitLab CE/EE affecting all versions from 17.4 prior to 17.8.6, 17.9 prior to 17.9.3, and 17.10 prior to 17.10.1 allows a user who was an instance admin before but has since been downgraded to a regular user to continue to maintain elevated privileges to...

7.5CVSS6.4AI score0.00352EPSS
Exploits0References4
osv
osv
added 2024/10/02 3:58 a.m.5 views

USN-7051-1 python-asyncssh vulnerability

Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being...

5.9CVSS6.8AI score0.93305EPSS
Exploits4References2
nessus
nessus
added 2024/05/30 12:0 a.m.45 views

EulerOS 2.0 SP12 : proftpd (EulerOS-SA-2024-1771)

According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : makeftpcmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash...

7.5CVSS7.2AI score0.93305EPSS
Exploits5References3
cve
cve
added 2024/05/20 8:3 a.m.82 views

CVE-2024-1968

CVE-2024-1968 affects Scrapy’s redirect middleware, specifically the _build_redirect_request path, where the Authorization header is not stripped when a redirect downgrades from HTTPS to HTTP within the same domain. This can leak credentials in plaintext during cross-origin-like redirects that ch...

7.5CVSS7AI score0.00682EPSS
Exploits1References2Affected Software1
openvas
openvas
added 2024/04/22 12:0 a.m.46 views

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-1552)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.5AI score0.93305EPSS
Exploits12References2
nessus
nessus
added 2024/03/21 12:0 a.m.30 views

EulerOS Virtualization 2.9.1 : libssh2 (EulerOS-SA-2024-1455)

According to the versions of the libssh2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attacke...

5.9CVSS7.1AI score0.93305EPSS
Exploits4References2
openvas
openvas
added 2024/03/13 12:0 a.m.19 views

Huawei EulerOS: Security Advisory for proftpd (EulerOS-SA-2024-1345)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.93305EPSS
Exploits5References2
openvas
openvas
added 2024/03/13 12:0 a.m.12 views

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-1343)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.7AI score0.93305EPSS
Exploits12References2
openvas
openvas
added 2024/03/12 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for proftpd (EulerOS-SA-2024-1222)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.93305EPSS
Exploits5References2
Rows per page
Query Builder