19 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: keys: Fixed the issue where the expiration time of a key was overwritten during instantiation, causing it to become permanent. This issue causes problems with DNS resolution, as the expiration time set by user-space is overwritte...
CLSA-2026-1778766810 samba: Fix of CVE-2023-0922
CVE-2023-0922: set default ldap client sasl wrapping to seal - Refresh samba-pubkeyAA99442FB680B620.gpg expiry extended to 2027-12-12...
EUVD-2026-12544
In affected versions of Octopus Server it was possible for a low privileged user to manipulate an API request to change the signing key expiration and revocation time frames via an API endpoint that had incorrect permission validation. It was not possible to expose the signing keys using this...
CVE-2026-3237
In affected versions of Octopus Server it was possible for a low privileged user to manipulate an API request to change the signing key expiration and revocation time frames via an API endpoint that had incorrect permission validation. It was not possible to expose the signing keys using this...
CVE-2026-3237
In affected versions of Octopus Server it was possible for a low privileged user to manipulate an API request to change the signing key expiration and revocation time frames via an API endpoint that had incorrect permission validation. It was not possible to expose the signing keys using this...
How to Manually Update GPG key on Veeam Appliances
Article Applicability This article is specifically regarding the Veeam Appliances used in conjunction with Veeam Backup & Replication 13. Including the Veeam Software Appliance, Veeam Infrastructure Appliance, and Veeam Hardened Repository deployed from the Veeam Infrastructure Appliance. For...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990735)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990735 advisory. In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionall...
EUVD-2024-47416
Malicious code in bioql PyPI...
GO-2025-3921 Coder accepts an APIKey beyond the linked OIDC expiry if there is no refresh token in github.com/coder/coder
Coder accepts an APIKey beyond the linked OIDC expiry if there is no refresh token in github.com/coder/coder...
Coder accepts an APIKey beyond the linked OIDC expiry if there is no refresh token
Summary If users log in to Coder via OIDC, and the OpenID Identity Provider does not return a refresh token, then Coder may allow their web session to continue beyond the expiration of the token returned by the OpenID Identity Provider. Details When a user logs in via OIDC, Coder stores the OIDC...
CVE-2024-6299
Lack of consideration of key expiry when validating signatures in Conduit, allowing an attacker which has compromised an expired key to forge requests as the remote server, as well as PDUs with timestamps past the expiry date...
OESA-2024-1897 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: PCI: ofproperty: Return error for intmap allocation failure Return -ENOMEM from ofpcipropintrmap if kcalloc fails to prevent a NULL pointer dereference in this...
CVE-2024-6299
Lack of consideration of key expiry when validating signatures in Conduit, allowing an attacker which has compromised an expired key to forge requests as the remote server, as well as PDUs with timestamps past the expiry date...
CVE-2024-6299 Use of a Key Past its Expiration Date in Conduit
Lack of consideration of key expiry when validating signatures in Conduit, allowing an attacker which has compromised an expired key to forge requests as the remote server, as well as PDUs with timestamps past the expiry date...
CVE-2024-6299
Conduit versions prior to v0.8.0 are affected by CVE-2024-6299 due to improper handling of key expiry during signature validation. An attacker who has compromised an expired key can forge requests to the remote server and craft PDUs with timestamps past expiry. The root cause is lack of considera...
PT-2024-37521 · Conduit · Conduit
Name of the Vulnerable Software and Affected Versions: Conduit affected versions not specified Description: The issue is related to the lack of consideration of key expiry when validating signatures in Conduit. This allows an attacker who has compromised an expired key to forge requests as the...
SUSE CVE-2024-36031
In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionally overwritten during instantiation, defaulting to turn it permanent. This causes a problem for DNS resolution as the expiration set ...
DEBIAN-CVE-2024-36031
In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionally overwritten during instantiation, defaulting to turn it permanent. This causes a problem for DNS resolution as the expiration set ...
UBUNTU-CVE-2024-36031
In the Linux kernel, the following vulnerability has been resolved: keys: Fix overwrite of key expiration on instantiation The expiry time of a key is unconditionally overwritten during instantiation, defaulting to turn it permanent. This causes a problem for DNS resolution as the expiration set ...