10 matches found

RedHat Linux
added 2026/04/15 3:24 p.m., 4 views

golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS

A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle,...

CVSS 7.5, AI score 5.9, EPSS 0.00591
Exploits 1, References 8
CNNVD
added 2026/04/09 12:0 a.m., 10 views

D-Bus Security Vulnerability

D-Bus is an open-source implementation of the D-Bus specification. Security vulnerabilities exist in versions of D-Bus prior to 0.92.0, as well as in versions of Tmds.DBus.Protocol 0.92.0 and 0.21.3. These vulnerabilities stem from exposure to attacks by malicious D-Bus peers, which can lead to...

CVSS 7.1, AI score 5.8, EPSS 0.00124
Exploits 0, References 1
RedhatCVE
added 2025/02/08 4:42 a.m., 9 views

CVE-2025-24371

CometBFT is a distributed, Byzantine fault-tolerant, deterministic state machine replication engine. In the blocksync protocol peers send their base and latest heights when they connect to a new node A, which is syncing to the tip of a network. base acts as a lower ground and informs A that the...

CVSS 7.1, AI score 6.7, EPSS 0.00447
Exploits 0, References 1
NVD
added 2025/02/03 10:15 p.m., 14 views

CVE-2025-24371

CometBFT is a distributed, Byzantine fault-tolerant, deterministic state machine replication engine. In the blocksync protocol peers send their base and latest heights when they connect to a new node A, which is syncing to the tip of a network. base acts as a lower ground and informs A that the...

CVSS 7.1, EPSS 0.00447
Exploits 0, References 3
Vulnrichment
added 2025/02/03 9:20 p.m., 8 views

CVE-2025-24371 Malicious peer can make node stuck in blocksync in github.com/cometbft/cometbft

CometBFT is a distributed, Byzantine fault-tolerant, deterministic state machine replication engine. In the blocksync protocol peers send their base and latest heights when they connect to a new node A, which is syncing to the tip of a network. base acts as a lower ground and informs A that the...

CVSS 7.1, AI score 6.6, EPSS 0.00447
Exploits 0, References 3
CVE
added 2025/02/03 9:20 p.m., 67 views

CVE-2025-24371

CVE-2025-24371 affects CometBFT’s blocksync protocol. If a peer first reports a non-existent latest height X and then a lower Y (X>Y), a node may continually try to catch up and become blocked, potentially impacting availability. This is a networked, low-complexity issue with high impact on av...

CVSS 7.1, AI score 6.6, EPSS 0.00447
Exploits 0, References 3
Positive Technologies
added 2025/02/03 12:0 a.m., 5 views

PT-2025-5350

Name of the Vulnerable Software and Affected Versions CometBFT versions prior to 0.38.17 CometBFT versions prior to 1.0.1 Description CometBFT is a distributed, Byzantine fault-tolerant, deterministic state machine replication engine. In the blocksync protocol, peers send their base and latest...

CVSS 7.1, AI score 6.8, EPSS 0.00447
Exploits 0, References 48
Positive Technologies
added 2022/12/07 12:0 a.m., 4 views

PT-2022-16021 · Js-Libp2P · Js-Libp2P

Name of the Vulnerable Software and Affected Versions: js-libp2p versions prior to v0.38.0 Description: The issue concerns targeted resource exhaustion attacks that affect libp2p's connection, stream, peer, and memory management. An attacker can cause the allocation of large amounts of memory,...

CVSS 7.5, AI score 7.4, EPSS 0.00689
Exploits 0, References 8
Veracode
added 2017/02/02 7:10 a.m., 20 views

Replay Attack

libzmq aka ZeroMQ is vulnerable to replay attacks. It is due to a flaw in the creation and validation of nonces, failing to detect nonces and disconnect malicious peers...

CVSS 4.3, AI score 5.9, EPSS 0.019
Exploits 0, References 10, Affected Software 1
OpenVAS
added 2009/03/23 12:0 a.m., 20 views

Ubuntu Update for quagga vulnerability USN-461-1

Ubuntu Update for Linux kernel vulnerabilities USN-461-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4611.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for quagga vulnerability USN-461-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

CVSS 6.3, AI score 7.7, EPSS 0.0174
Exploits 0, References 2