Lucene search
+L

5811 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/02 10:9 p.m.10 views

CVE-2026-25861

QloApps through 1.7.0, fixed in commit 64e9722, contains a weak cryptographic algorithm vulnerability that allows attackers to compromise user credentials by exploiting the use of MD5 for password hashing in the Tools::encrypt function within classes/Tools.php, which concatenates a static cookie...

8.2CVSS5.8AI score0.00178EPSS
Exploits0References4
Mageia
Mageia
added 2026/06/02 5:23 a.m.20 views

Updated assimp packages fix security vulnerabilities

CVE-2025-2750,- A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The manipulation leads to...

9.8CVSS5.9AI score0.00618EPSS
Exploits6References3
OSV
OSV
added 2026/06/01 2:22 p.m.12 views

USN-8356-1 gsasl vulnerability

It was discovered that GNU SASL did not properly handle certain DIGEST-MD5 tokens. An attacker could possibly use this issue to cause GNU SASL to crash, resulting in a denial of service...

7.5CVSS5.8AI score0.00455EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/28 11:5 a.m.11 views

CVE-2026-6478

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.7AI score0.00558EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/28 12:0 a.m.13 views

Amazon Linux 2023 : libpq, libpq-devel (ALAS2023-2026-1711)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1711 advisory. Use of inherently dangerous function PQfn..., resultisint=0, ... in PostgreSQL libpq loexport, loread, lolseek64, and lotell64 functions allows the server superuser to overwrite a client stack...

8.8CVSS6AI score0.00558EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/05/27 10:56 a.m.14 views

SUSE CVE-2026-48829

In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c...

7.5CVSS5.8AI score0.00455EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.11 views

CVE-2026-48829

In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c...

7.5CVSS5.8AI score0.00455EPSS
Exploits0References1
OSV
OSV
added 2026/05/25 8:23 a.m.9 views

CLSA-2026-1779697425 postgresql: Fix of CVE-2026-6478

CVE-2026-6478: backport upstream prerequisite that introduces the timingsafebcmp constant-time memory comparison helper, then apply it to SCRAM and MD5 authentication paths that previously used memcmp or strcmp on password hashes, computed keys, and SCRAM nonces, to prevent timing-side-channel...

8.2CVSS5.8AI score0.00558EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/25 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-48829

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This...

7.5CVSS5.5AI score0.00455EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/25 12:0 a.m.11 views

Fedora 45 : perl-Crypt-PasswdMD5 (2026-5f1dfcb5c8)

The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-5f1dfcb5c8 advisory. Automatic update for perl-Crypt-PasswdMD5-1.4.3-1.fc45. Changelog Sat May 23 2026 Paul Howarth - 1.4.3-1 - Update to 1.43 - Replace use of the...

7.5CVSS5.8AI score0.00447EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/24 4:16 a.m.19 views

CVE-2026-48829

In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c...

7.5CVSS5.8AI score0.00455EPSS
Exploits0References5
OSV
OSV
added 2026/05/24 4:16 a.m.7 views

UBUNTU-CVE-2026-48829

In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c...

7.5CVSS5.8AI score0.00455EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/24 2:22 a.m.14 views

CVE-2026-48829

In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c...

7.5CVSS5.8AI score0.00455EPSS
Exploits0References5
CVE
CVE
added 2026/05/24 2:22 a.m.69 views

CVE-2026-48829

Technical details (affected product/versions, root cause, impact, fixes) are not publicly available in the provided documents. Monitor for updates.

7.5CVSS5.8AI score0.00455EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/24 2:22 a.m.14 views

EUVD-2026-31562

In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c...

7.5CVSS5.8AI score0.00455EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/24 2:22 a.m.26 views

CVE-2026-48829

In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c...

7.5CVSS0.00455EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/24 2:22 a.m.8 views

CVE-2026-48829

In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c...

7.5CVSS5.8AI score0.00455EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/05/24 2:22 a.m.30 views

CVE-2026-48829

In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c...

7.5CVSS5.8AI score0.00455EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/24 12:0 a.m.15 views

PT-2026-42903

Name of the Vulnerable Software and Affected Versions GNU SASL versions prior to 2.2.3 Description DIGEST-MD5 contains a NULL pointer dereference affecting both clients and servers. This issue occurs in the file lib/digest-md5/getsubopt.c when a known token is provided without an accompanying =...

7.5CVSS5.8AI score0.00455EPSS
Exploits0References20
CNNVD
CNNVD
added 2026/05/24 12:0 a.m.17 views

GNU SASL 代码问题漏洞

GNU SASL is a simple authentication and security layer framework from the GNU community in the United States, which implements several common SASL mechanisms. Versions of GNU SASL prior to 2.2.3 had code vulnerabilities; these vulnerabilities stemmed from a null pointer dereferencing in the...

7.5CVSS5.9AI score0.00455EPSS
Exploits0References5
Rows per page
Query Builder