Lucene search
+L

1547 matches found

Fedora
Fedora
added 2026/02/04 2:11 a.m.12 views

[SECURITY] Fedora 43 Update: rust-sequoia-keystore-server-0.2.0-5.fc43

Sequoia keystore daemon...

5.3CVSS5.2AI score0.00302EPSS
Exploits0
Fedora
Fedora
added 2026/02/04 2:5 a.m.13 views

[SECURITY] Fedora 42 Update: rust-sequoia-keystore-server-0.2.0-5.fc42

Sequoia keystore daemon...

5.3CVSS5.2AI score0.00302EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/02/04 12:0 a.m.3 views

Fedora 43 : rust-sequoia-keystore-server / rust-sequoia-octopus-librnp / etc (2026-9317b8ea7b)

The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-9317b8ea7b advisory. Rebuild with sequoia-openpgp v2.1.0 to apply fixes for RUSTSEC-2025-0136 / CVE-2025-67897. Tenable has extracted the preceding description block directly fro...

5.3CVSS5.5AI score0.00302EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2026/02/04 12:0 a.m.5 views

Fedora: Security Advisory (FEDORA-2026-9317b8ea7b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.4AI score0.00302EPSS
Exploits0References3
NVD
NVD
added 2026/02/03 3:16 p.m.11 views

CVE-2026-1814

Rapid7 Nexpose versions 6.4.50 and later are vulnerable to an insufficient entropy issue in the CredentialsKeyStorePassword.generateRandomPassword method. When updating legacy keystore passwords, the application generates a new password with insufficient length 7-12 characters and a static prefix...

6.8CVSS0.00145EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/03 2:54 p.m.7 views

EUVD-2026-5222

Rapid7 Nexpose versions 6.4.50 and later are vulnerable to an insufficient entropy issue in the CredentialsKeyStorePassword.generateRandomPassword method. When updating legacy keystore passwords, the application generates a new password with insufficient length 7-12 characters and a static prefix...

7.5CVSS5.5AI score0.00145EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/03 2:54 p.m.4 views

CVE-2026-1814 Rapid7 Nexpose Insecure Java Keystore Password Generation

Rapid7 Nexpose versions 6.4.50 and later are vulnerable to an insufficient entropy issue in the CredentialsKeyStorePassword.generateRandomPassword method. When updating legacy keystore passwords, the application generates a new password with insufficient length 7-12 characters and a static prefix...

6.8CVSS5.5AI score0.00145EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/03 2:54 p.m.31 views

CVE-2026-1814 Rapid7 Nexpose Insecure Java Keystore Password Generation

Rapid7 Nexpose versions 6.4.50 and later are vulnerable to an insufficient entropy issue in the CredentialsKeyStorePassword.generateRandomPassword method. When updating legacy keystore passwords, the application generates a new password with insufficient length 7-12 characters and a static prefix...

6.8CVSS0.00145EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/03 2:54 p.m.8 views

CVE-2026-1814

Rapid7 Nexpose versions 6.4.50 and later are vulnerable to an insufficient entropy issue in the CredentialsKeyStorePassword.generateRandomPassword method. When updating legacy keystore passwords, the application generates a new password with insufficient length 7-12 characters and a static prefix...

6.8CVSS5.5AI score0.00145EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/02/03 2:54 p.m.18 views

CVE-2026-1814

CVE-2026-1814 affects Rapid7 Nexpose versions 6.4.50 and later. The root cause is an insufficient entropy issue in Password key generation: CredentialsKeyStorePassword.generateRandomPassword() creates passwords with insufficient length (7–12 chars) and a static prefix 'p', yielding a weak keyspac...

6.8CVSS5.5AI score0.00145EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.12 views

PT-2026-6066

Name of the Vulnerable Software and Affected Versions Rapid7 Nexpose versions 6.4.50 and later Description A security issue exists in Rapid7 Nexpose related to insufficient entropy in the CredentialsKeyStorePassword.generateRandomPassword method. This can impact the randomness of generated...

6.8CVSS5.4AI score0.00145EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 8 : java-17-openjdk-17.0.1.0.12-2.el8 (AXSA:2021-2878:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2878:03 advisory. OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation Libraries, 8266689 CVE-2021-35567 OpenJDK: Excessive memory...

6.8CVSS6.2AI score0.14839EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.9 views

MiracleLinux 7 : java-11-openjdk-11.0.13.0.8-1.el7 (AXSA:2021-2490:12)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2490:12 advisory. OpenJDK: Loop in HttpsServer triggered during TLS session close JSSE, 8254967 CVE-2021-35565 OpenJDK: Incorrect principal selection when using...

7.1CVSS6.3AI score0.14839EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 8 : java-11-openjdk-11.0.13.0.8-1.el8 (AXSA:2021-2492:13)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2492:13 advisory. OpenJDK: Loop in HttpsServer triggered during TLS session close JSSE, 8254967 CVE-2021-35565 OpenJDK: Incorrect principal selection when using...

7.1CVSS6.5AI score0.14839EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.312.b07-1.el7 (AXSA:2021-2489:11)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2489:11 advisory. OpenJDK: Loop in HttpsServer triggered during TLS session close JSSE, 8254967 CVE-2021-35565 OpenJDK: Incorrect principal selection when using...

7.1CVSS6.5AI score0.14839EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : java-1.8.0-openjdk-1.8.0.312.b07-1.el8 (AXSA:2021-2491:12)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2491:12 advisory. OpenJDK: Loop in HttpsServer triggered during TLS session close JSSE, 8254967 CVE-2021-35565 OpenJDK: Incorrect principal selection when using...

7.1CVSS6.5AI score0.14839EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2026/01/09 12:16 p.m.9 views

CVE-2018-1000104

A plaintext storage of a password vulnerability exists in Jenkins Coverity Plugin 1.10.0 and earlier in CIMInstance.java that allows an attacker with local file system access or control of a Jenkins administrator's web browser e.g. malicious extension to retrieve the configured keystore and priva...

7.8CVSS6.7AI score0.00344EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:5 a.m.10 views

CVE-2024-41781

IBM PowerVM Platform KeyStore IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1030.00 through FW1030.60, FW1050.00 through FW1050.20, and FW1060.00 through FW1060.10 functionality can be compromised if an attacker gains service access to the HMC. An attacker that gains service access to the H...

5.9CVSS6.6AI score0.00343EPSS
Exploits0References1
Metasploit
Metasploit
added 2025/12/12 6:56 p.m.354 views

N-able N-Central Authentication Bypass and XXE Scanner

This module scans for vulnerable N-able N-Central instances affected by CVE-2025-9316 Unauthenticated Session Bypass and CVE-2025-11700 XXE. The module attempts to exploit CVE-2025-9316 by sending a sessionHello SOAP request to the ServerMMS endpoint with various appliance IDs to obtain an...

8.4CVSS8.1AI score0.36287EPSS
Exploits2
CNNVD
CNNVD
added 2025/10/10 12:0 a.m.5 views

External Secrets 访问控制错误漏洞

External Secrets is a Kubernetes-related application in the External Secrets open source. An access control error vulnerability exists in External Secrets versions 0.10.1 through 0.19.2, which stems from an unvalidated namespace context or keystore type, and could lead to unauthorized...

8.7CVSS6.4AI score0.00285EPSS
Exploits0References2
Rows per page
Query Builder