Lucene search
K

9 matches found

OSV
OSV
added 2026/06/01 2:26 p.m.10 views

GHSA-QJWP-HRQ6-R26R kas checks out SHA-like git branches as valid commits

Impact When relying solely on a git commit ID SHA-1 or SHA-256 to qualify if a checkout of a repository is equivalent to the state validated while adding its commit ID to a kas configuration, users may be tricked to check out a branch of the same name from this repository. This implies that the...

2.1CVSS5.7AI score0.00018EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/27 6:9 p.m.3 views

CVE-2026-27754 SODOLA SL902-SWTGW124AS <= 200.1.20 MD5 Session Token Generation

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 use the cryptographically broken MD5 hash function for session cookie generation, weakening session security. Attackers can exploit predictable session tokens combined with MD5's collision vulnerabilities to forge valid session cookies an...

6.9CVSS5.9AI score0.00116EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-31130

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gitoxide is an implementation of git written in Rust. Before 0.42.0, gitoxide uses SHA-1 hash implementations without any collision detection, leaving it...

6.8CVSS5.5AI score0.00239EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2011/02/10 5:0 p.m.5 views

CVE-2011-0539

The keycertify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct...

7.2AI score0.01797EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2011/02/10 12:0 a.m.9 views

PT-2011-2432

Name of the Vulnerable Software and Affected Versions OpenSSH versions 5.6 through 5.7 Description The issue is related to the key certify function in OpenSSH, specifically when generating legacy certificates using the -t command-line option in ssh-keygen. This function does not initialize the...

7.5CVSS7.2AI score0.01797EPSS
Exploits0References15
RedHat Linux
RedHat Linux
added 2009/12/11 1:42 p.m.3 views

deprecate MD2 in SSL cert validation (Kaminsky)

The Network Security Services NSS library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash...

5.1CVSS6.6AI score0.04506EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2009/11/10 7:30 p.m.7 views

deprecate MD2 in SSL cert validation (Kaminsky)

The Network Security Services NSS library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash...

5.1CVSS6.6AI score0.04506EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2009/11/09 3:4 p.m.9 views

deprecate MD2 in SSL cert validation (Kaminsky)

The Network Security Services NSS library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash...

5.1CVSS6.6AI score0.04506EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2009/08/12 2:31 p.m.7 views

deprecate MD2 in SSL cert validation (Kaminsky)

The Network Security Services NSS library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash...

5.1CVSS6.6AI score0.04506EPSS
Exploits0References4
Rows per page
Query Builder