Lucene search
K

6 matches found

OSV
OSV
added 2026/05/20 12:57 p.m.9 views

USN-8284-1 gnutls28 vulnerabilities

Joshua Rogers discovered that GnuTLS did not properly handle malformed DTLS handshake fragments in certain cases. A remote attacker could possibly use this issue to obtain sensitive information, or cause a denial of service. CVE-2026-33845 Haruto Kimura, Oscar Reparaz, and Zou Dikai discovered th...

9.8CVSS6.1AI score0.01335EPSS
Exploits2References14
ATTACKERKB
ATTACKERKB
added 2026/03/04 4:12 p.m.4 views

CVE-2026-23811

A vulnerability in the client isolation mechanism may allow an attacker to bypass Layer 2 L2 communication restrictions between clients and redirect traffic at Layer 3 L3. In addition to bypassing policy enforcement, successful exploitation - when combined with a port-stealing attack - may enable...

4.3CVSS5.9AI score0.00155EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.12 views

PT-2026-22945

Name of the Vulnerable Software and Affected Versions affected versions not specified Description A flaw exists in the client isolation mechanism that could allow an attacker to circumvent Layer 2 L2 communication limitations between clients, potentially redirecting traffic at Layer 3 L3...

4.3CVSS5.8AI score0.00155EPSS
Exploits0References4
OSV
OSV
added 2025/09/25 12:0 a.m.4 views

ALSA-2025:16823 Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: Machine-in-the-middle attack if VerifyHostKeyDNS is enabled CVE-2025-26465 For more...

6.8CVSS6.8AI score0.06997EPSS
Exploits4References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/28 3:21 p.m.12 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a machine-in-the-middle attack in OpenSSH [CVE-2025-26465]

Summary IBM Watson Speech Services Cartridge is vulnerable to a machine-in-the-middle attack in OpenSSH, due to an error in how OpenSSH mishandles error codes in specific conditions when verifying the host key CVE-2025-26465. OpenSSH is used in our speech service runtimes. This vulnerabilitiy has...

6.8CVSS6.9AI score0.06997EPSS
Exploits4Affected Software1
OSV
OSV
added 2014/08/11 1:20 p.m.3 views

USN-2310-1 krb5 vulnerabilities

It was discovered that Kerberos incorrectly handled certain crafted Draft 9 requests. A remote attacker could use this issue to cause the daemon to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. CVE-2012-1016 It was discovered that Kerberos incorrectly handled...

8.5CVSS7AI score0.08085EPSS
Exploits0References11
Rows per page
Query Builder