30 matches found
CVE-2026-46243 smb: client: reject userspace cifs.spnego descriptions
In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority-bearing fields such as pid, uid, creduid, and upcalltarget that cifs.upcall treats as kernel-originating inputs. However,...
RockyLinux 9 : bind (RLSA-2026:18786)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:18786 advisory. bind: Resource exhaustion via malformed DNSKEY handling CVE-2025-8677 Tenable has extracted the preceding description block directly from the RockyLinux security...
bind security update
9.18.33-10.0.2.el101.3 - Hard require needed openssl-libs Orabug: 38742109 - Fix warning when changing device file permissions Orabug: 36518580 32:9.18.33-10.3 - Prevent Denial of Service via maliciously crafted DNSSEC-validated zone CVE-2026-1519 32:9.18.33-10.2 - Fix upstream reported regressio...
The vulnerability of the ServerConfig.PublicKeyCallback() function in the Go programming language library allows a hacker to bypass security restrictions.
The vulnerability of the ServerConfig.PublicKeyCallback function in the Go programming language library is related to deficiencies in the authentication process when handling keys. Exploiting this vulnerability could allow a malicious actor to circumvent security restrictions from a remote locati...
AZL-54327 CVE-2024-45337 affecting package cf-cli for versions less than 8.7.3-4
Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...
UBUNTU-CVE-2024-45004
In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix leak of blob encryption key Trusted keys unseal the key blob on load, but keep the sealed payload in the blob field so that every subsequent read export will simply convert this field to hex and send it to...
SUSE CVE-2022-48782
In the Linux kernel, the following vulnerability has been resolved: mctp: fix use after free Clang static analysis reports this problem route.c:425:4: warning: Use of memory after it is freed trace_mctp_key_acquire(key); ^ When mctp_key_add() fails, key is freed but then is later used in...
DEBIAN-CVE-2022-48782
In the Linux kernel, the following vulnerability has been resolved: mctp: fix use after free Clang static analysis reports this problem route.c:425:4: warning: Use of memory after it is freed trace_mctp_key_acquire(key); ^ When mctp_key_add() fails, key is freed but then is later used in...
The vulnerability of the OpenSSH ECDSA Key Handler component in JavaScript-based object signing and encryption technologies allows a malicious actor to gain unauthorized access to OpenSSH ECDSA public keys.
The vulnerability of the OpenSSH ECDSA Key Handler component in JavaScript-based object signing and encryption technologies is related to the determination of the blacklist of prefixes for public keys. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to...
CVE-2024-5264
Network Transfer with AES KHT in Thales Luna EFT 2.1 and above allows a user with administrative console access to access backups taken via offline analysis...
kernel: wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace
A vulnerability was discovered in the Intel wireless iwlwifi driver in the Linux kernel that could lead to a buffer overflow in the Driver Virtualization Module key handling code. When processing a received TKIP key that includes MIC rx/tx components, the driver did not adequately limit the amoun...
Remote Code Execution (RCE)
Redis is vulnerable to Remote Code Execution (RCE). This vulnerability occurs due to a flaw in the way that Redis handles key names. An attacker can exploit this vulnerability to cause Redis to crash or to execute arbitrary code...
Code injection
When importing a SPKI RSA public key as ECDSA P-256, the key would be handled incorrectly causing the tab to crash. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
ISC BIND Security Vulnerability
ISC BIND is a suite of open source software that implements the DNS protocol from the US company ISC. A security vulnerability in ISC BIND versions 9.18.x prior to 9.18.7 and 9.19.x prior to 9.19.5, which stems from changes between OpenSSL 1.x and OpenSSL 3.0 exposes a flaw in the naming, which c...
Cisco Firepower Threat Defense and Cisco Adaptive Security Appliances Software Security Vulnerability
Cisco Firepower Threat Defense (FTD) and Cisco Adaptive Security Appliances Software (ASA Software) are both products of Cisco, Inc. Cisco Firepower Threat Defense is a set of unified software that provides next-generation firewall services. Defense is a set of unified software to provide...
The vulnerability in the implementations of preparse_server_key(), free_preparse_server_key(), and destroy_server_key() functions of Linux operating systems allows a hacker to trigger a service failure.
The vulnerability of the preparse_server_key(), free_preparse_server_key(), and destroy_server_key() functions in Linux kernel implementations is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to cause service failures...
CVE-2021-29950
Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key import task. If the task runs into a failure, the secret key may remain in memory in its unprotected state. This vulnerability affects Thunderbird 78.8.1...
The vulnerability of SSH-agent’s identification keys in the OpenSSH cryptographic protection mechanism allows an attacker to cause a service failure or execute arbitrary code.
The vulnerability of SSH-agent’s identification keys in the OpenSSH encryption method is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause service failures or execute arbitrary code...
openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2020-2083)
This update for java-1_8_0-openjdk fixes the following issues : - Fix regression '8250861: Crash in MinINode::Ideal(PhaseGVN*, bool)', introduced in October 2020 CPU. - Update to version jdk8u272 icedtea 3.17.0 July 2020 CPU, bsc1174157, and October 2020 CPU, bsc1177943 - New features + JDK-8245468: A...
Security update for java-1_8_0-openjdk (moderate)
openSUSE Security Update: Security update for java-1_8_0-openjdk Announcement ID: openSUSE-SU-2020:2083-1 Rating: moderate References: 1174157 1177943 Cross-References: CVE-2020-14556 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621...