sudo-rs: Partial password reveal is possible after timeout
Summary If a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered are echoed back to the console. Example Using sudo-rs: geiger@cerberus:$ sudo -s sudo: authenticate Password: sudo-rs:...
CVE-2025-64170
sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...
UBUNTU-CVE-2025-64170
sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...
CVE-2025-64170
CVE-2025-64170 affects sudo-rs, a memory-safe Rust implementation of sudo/su. Concrete details from connected documents show a vulnerability that, when a password timeout occurs due to the user typing a password and not pressing return for an extended period, causes the entered keystrokes to be e...
CVE-2025-64170 sudo-rs: Partial password reveal is possible after timeout
sudo-rs is a memory safe implementation of sudo and su written in Rust. Starting in version 0.2.7 and prior to version 0.2.10, if a user begins entering a password but does not press return for an extended period, a password timeout may occur. When this happens, the keystrokes that were entered a...
Huawei EulerOS: Security Advisory for iputils (EulerOS-SA-2025-2417)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP10 : iputils (EulerOS-SA-2025-2417)
According to the versions of the iputils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: ping in iputils before 20250602 allows a denial of service (application error or incorrect data collection) via a crafted ICMP Echo Reply packet,...
moew.government.bg Cross Site Scripting
moew.government.bg suffers from a cross site scripting vulnerability. It is unclear what vulnerable code base is being used or if it's custom, however, the researcher has not heard a response from the administrators for a year and they have not addressed the issue, putting their users at risk, so...
ECHO-93B4-5342-28D2
Bulletin has no description...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989174)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989174 advisory. In the Linux kernel, the following vulnerability has been resolved: can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context. If a driver calls...
CVE-2025-47912 vulnerabilities
Vulnerabilities for packages: kube-bench, terraform, xcaddy, cilium-certgen, git-credential-oauth, kafkaexporter, hey, docker-credential-gcr, age, rootlesskit, helm-docs, terraform-provider-kubernetes, secrets-store-csi-driver, knative-eventing, cluster-proportional-autoscaler, trillian,...
GHSA-9GCR-GP5F-JW27 vulnerabilities
Vulnerabilities for packages: kube-bench, terraform, xcaddy, cilium-certgen, git-credential-oauth, kafkaexporter, hey, docker-credential-gcr, age, rootlesskit, helm-docs, terraform-provider-kubernetes, secrets-store-csi-driver, knative-eventing, cluster-proportional-autoscaler, trillian,...
GHSA-QH38-484V-W52X vulnerabilities
Vulnerabilities for packages: kube-bench, terraform, xcaddy, cilium-certgen, git-credential-oauth, kafkaexporter, hey, docker-credential-gcr, age, rootlesskit, helm-docs, terraform-provider-kubernetes, secrets-store-csi-driver, knative-eventing, cluster-proportional-autoscaler, trillian,...
GHSA-JWMF-CHVC-RF92 vulnerabilities
Vulnerabilities for packages: kube-bench, terraform, xcaddy, cilium-certgen, git-credential-oauth, kafkaexporter, hey, docker-credential-gcr, age, rootlesskit, helm-docs, terraform-provider-kubernetes, secrets-store-csi-driver, knative-eventing, cluster-proportional-autoscaler, trillian,...
CVE-2025-58185 vulnerabilities
Vulnerabilities for packages: kube-bench, terraform, xcaddy, cilium-certgen, git-credential-oauth, kafkaexporter, hey, docker-credential-gcr, age, rootlesskit, helm-docs, terraform-provider-kubernetes, secrets-store-csi-driver, knative-eventing, cluster-proportional-autoscaler, trillian,...
CVE-2025-61724 vulnerabilities
Vulnerabilities for packages: kube-bench, terraform, xcaddy, cilium-certgen, git-credential-oauth, kafkaexporter, hey, docker-credential-gcr, age, rootlesskit, helm-docs, terraform-provider-kubernetes, secrets-store-csi-driver, knative-eventing, cluster-proportional-autoscaler, trillian,...
GHSA-447V-2QG4-H8HC vulnerabilities
Vulnerabilities for packages: kube-bench, terraform, xcaddy, cilium-certgen, git-credential-oauth, kafkaexporter, hey, docker-credential-gcr, age, rootlesskit, helm-docs, terraform-provider-kubernetes, secrets-store-csi-driver, knative-eventing, cluster-proportional-autoscaler, trillian,...
CVE-2025-61723 vulnerabilities
Vulnerabilities for packages: kube-bench, terraform, xcaddy, cilium-certgen, git-credential-oauth, kafkaexporter, hey, docker-credential-gcr, age, rootlesskit, helm-docs, terraform-provider-kubernetes, secrets-store-csi-driver, knative-eventing, cluster-proportional-autoscaler, trillian,...
GHSA-HJX7-FPXX-MJ48 vulnerabilities
Vulnerabilities for packages: kube-bench, terraform, xcaddy, cilium-certgen, git-credential-oauth, kafkaexporter, hey, docker-credential-gcr, age, rootlesskit, helm-docs, terraform-provider-kubernetes, secrets-store-csi-driver, knative-eventing, cluster-proportional-autoscaler, trillian,...
CVE-2025-58188 vulnerabilities
Vulnerabilities for packages: kube-bench, terraform, xcaddy, cilium-certgen, git-credential-oauth, kafkaexporter, hey, docker-credential-gcr, age, rootlesskit, helm-docs, terraform-provider-kubernetes, secrets-store-csi-driver, knative-eventing, cluster-proportional-autoscaler, trillian,...