12 matches found
GHSA-9VP8-3HMV-8FGH stigmem-node's federation peer registration lacked explicit out-of-band approval
Impact Federation peer registration accepted peer key material during registration without a separate administrator approval step based on an out-of-band fingerprint check. Impacted deployments are nodes that accept federation peer registration across a network where initial registration could be...
PT-2026-47562
Impact Federation peer registration accepted peer key material during registration without a separate administrator approval step based on an out-of-band fingerprint check. Impacted deployments are nodes that accept federation peer registration across a network where initial registration could be...
Astra Linux - уязвимость в mc
A issue was discovered in Midnight Commander through version 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user can connect to the server without being able to verify its authenticity...
ex_webrtc 信任管理问题漏洞
exwebrtc is an open-source WebRTC library based on Elixir language, developed by Elixir WebRTC. Versions of exwebrtc prior to 0.15.1 and 0.16.1 contained a trust management vulnerability. This vulnerability stemmed from the lack of peer certificate fingerprint verification in the DTLS client role...
GO-2026-4882 Incus does not verify combined fingerprint when downloading images from simplestreams servers in github.com/lxc/incus
Incus does not verify combined fingerprint when downloading images from simplestreams servers in github.com/lxc/incus...
CVE-2026-33542 Incus does not verify combined fingerprint when downloading images from simplestreams servers
Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker...
CoTSRF: Utilize Chain of Thought As Stealthy and Robust Fingerprint of Large Language Models
Despite providing superior performance, open-source large language models LLMs are vulnerable to abusive usage. To address this issue, recent works propose LLM fingerprinting methods to identify the specific source LLMs behind suspect applications. However, these methods fail to provide stealthy...
CLSA-2025-1744116044 Fix CVE(s): CVE-2016-8614
SECURITY UPDATE: improper verification of key fingerprints in aptkey module - debian/patches/CVE-2016-8614.patch: fix use of long key IDs for delete, check for keyid presence and fix keyid length for verification. Fix reversed order of return values in parsekeyid function - CVE-2016-8614...
USN-7330-1 ansible vulnerabilities
It was discovered that Ansible did not properly verify certain fields of X.509 certificates. An attacker could possibly use this issue to spoof SSL servers if they were able to intercept network communications. This issue only affected Ubuntu 14.04 LTS. CVE-2015-3908 Martin Carpenter discovered...
DEBIAN-CVE-2016-8614
A flaw was found in Ansible before version 2.2.0. The aptkey module does not properly verify key fingerprints, allowing remote adversary to create an OpenPGP key which matches the short key ID and inject this key instead of the correct key...
UBUNTU-CVE-2016-8614
A flaw was found in Ansible before version 2.2.0. The aptkey module does not properly verify key fingerprints, allowing remote adversary to create an OpenPGP key which matches the short key ID and inject this key instead of the correct key...
[Network Database Scanner v1.0] Software to remotely detect the type of Database services running on the network system
Network Database Scanner is the free software to remotely detect the type of Database services running on the network system. It can help you to scan single or multiple systems on your internal network or on the Internet. It uses smart timer based Connect method which makes the scanning faster th...