5398 matches found
USN-8076-1 qtbase-opensource-src vulnerabilities
It was discovered that Qt did not correctly handle OpenSSL's error queue. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 20.04 LTS. CVE-2020-13962 It was discovered that Qt incorrectly handled certain XBM image files. If a user or...
CVE-2026-20049
A vulnerability in the processing of Galois/Counter Mode GCM-encrypted Internet Key Exchange version 2 IKEv2 IPsec traffic of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker to cause...
keycloak-services: Keycloak: Unauthorized access via improper validation of encrypted SAML assertions
A flaw was found in Keycloak. Keycloak's Security Assertion Markup Language SAML broker endpoint does not properly validate encrypted assertions when the overall SAML response is not signed. An attacker with a valid signed SAML assertion can exploit this by crafting a malicious SAML response. Thi...
Important: Red Hat Security Advisory: Red Hat build of Keycloak 26.2.14 Images Update
New images are available for Red Hat build of Keycloak 26.2.14 and Red Hat build of Keycloak 26.2.14 Operator, running on OpenShift Container Platform Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Ha...
Important: Red Hat Security Advisory: Red Hat build of Keycloak 26.2.14 Update
New Red Hat build of Keycloak 26.2.14 packages are available from the Customer Portal Red Hat build of Keycloak 26.2.14 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. Security...
keycloak-services: Keycloak: Unauthorized access via improper validation of encrypted SAML assertions
A flaw was found in Keycloak. Keycloak's Security Assertion Markup Language SAML broker endpoint does not properly validate encrypted assertions when the overall SAML response is not signed. An attacker with a valid signed SAML assertion can exploit this by crafting a malicious SAML response. Thi...
CVE-2026-30791 RustDesk Client Accepts Pseudo-Encrypted Config Strings Without Cryptographic Validation
Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient Config import, URI scheme handler, CLI --config modules allows Retrieve Embedded Sensitive Data. This vulnerability is associated wit...
CVE-2026-30791
CVE-2026-30791 affects RustDesk Client up to version 1.4.5 across Windows, macOS, Linux, iOS, Android, and WebClient. The issue stems from use of a broken or risky cryptographic algorithm in config import, URI scheme handler, and CLI --config modules, enabling retrieval of embedded sensitive data...
CVE-2026-30791 RustDesk Client Accepts Pseudo-Encrypted Config Strings Without Cryptographic Validation
Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient Config import, URI scheme handler, CLI --config modules allows Retrieve Embedded Sensitive Data. This vulnerability is associated wit...
CVE-2026-27442
The GINA web interface in SEPPmail Secure Email Gateway before version 15.0.1 does not properly check attachment filenames in GINA-encrypted emails, allowing an attacker to access files on the gateway...
EUVD-2026-9505
pac4j-jwt versions prior to 4.5.9, 5.7.9, and 6.3.3 contain an authentication bypass vulnerability in JwtAuthenticator when processing encrypted JWTs that allows remote attackers to forge authentication tokens. Attackers who possess the server's RSA public key can create a JWE-wrapped PlainJWT wi...
GHSA-PM7G-W2CF-Q238 pac4j-jwt: JwtAuthenticator Authentication Bypass via JWE-Wrapped PlainJWT
pac4j-jwt versions prior to 4.5.9, 5.7.9, and 6.3.3 contain an authentication bypass vulnerability in JwtAuthenticator when processing encrypted JWTs that allows remote attackers to forge authentication tokens. Attackers who possess the server's RSA public key can create a JWE-wrapped PlainJWT wi...
pac4j-jwt: JwtAuthenticator Authentication Bypass via JWE-Wrapped PlainJWT
pac4j-jwt versions prior to 4.5.9, 5.7.9, and 6.3.3 contain an authentication bypass vulnerability in JwtAuthenticator when processing encrypted JWTs that allows remote attackers to forge authentication tokens. Attackers who possess the server's RSA public key can create a JWE-wrapped PlainJWT wi...
Nginx UI 安全漏洞
Nginx UI is a web interface for Nginx developed by Jacky. Versions of Nginx UI prior to 2.3.3 contained security vulnerabilities. These vulnerabilities stemmed from the /api/backup endpoint, which allowed access without authentication, thereby exposing encrypted keys. This could enable unverified...
CVE-2026-29000 pac4j-jwt JwtAuthenticator Authentication Bypass
pac4j-jwt versions prior to 4.5.9, 5.7.9, and 6.3.3 contain an authentication bypass vulnerability in JwtAuthenticator when processing encrypted JWTs that allows remote attackers to forge authentication tokens. Attackers who possess the server's RSA public key can create a JWE-wrapped PlainJWT wi...
CVE-2026-29000
CVE-2026-29000 affects pac4j-jwt versions prior to 4.5.9, 5.7.9, and 6.3.3. The issue is an authentication bypass in JwtAuthenticator when handling encrypted JWTs, enabling an attacker who has the server’s RSA public key to forge a JWE-wrapped PlainJWT with arbitrary subject and role claims. This...
CVE-2026-29000
pac4j-jwt versions prior to 4.5.9, 5.7.9, and 6.3.3 contain an authentication bypass vulnerability in JwtAuthenticator when processing encrypted JWTs that allows remote attackers to forge authentication tokens. Attackers who possess the server's RSA public key can create a JWE-wrapped PlainJWT wi...
CVE-2026-29000 pac4j-jwt JwtAuthenticator Authentication Bypass
pac4j-jwt versions prior to 4.5.9, 5.7.9, and 6.3.3 contain an authentication bypass vulnerability in JwtAuthenticator when processing encrypted JWTs that allows remote attackers to forge authentication tokens. Attackers who possess the server's RSA public key can create a JWE-wrapped PlainJWT wi...
CVE-2026-20050 Cisco Secure Firewall Threat Defense Decryption Policy Denial of Service Vulnerability
A vulnerability in the Do Not Decrypt exclusion feature of the SSL decryption feature of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper memory...
CVE-2026-20049
A vulnerability in the processing of Galois/Counter Mode GCM-encrypted Internet Key Exchange version 2 IKEv2 IPsec traffic of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker to cause...