18 matches found
vLLM: OpenAI auth bypass
Summary A vulnerability in ASGI web servers and starlette's trust on those web servers enables an authentication bypass of the OpenAI API AuthenticationMiddleware, which was discovered during @x41sec's source code audit. It allows to use the API without providing the configured VLLMAPIKEY or...
CVE-2026-8881
Version 3.0.7 of the Securly Chrome Extension uses EVPBytesToKey key derivation with MD5 and a single iteration for AES encryption. MD5 has been broken since 2004 and a single iteration provides no key stretching...
PT-2026-46052
Name of the Vulnerable Software and Affected Versions Securly Chrome Extension version 3.0.7 Description The software uses the EVP BytesToKey key derivation function with MD5 and a single iteration for AES encryption. MD5 is a cryptographic hash function that is no longer secure, and the use of a...
CVE-2026-42789
Improper Following of a Certificate's Chain of Trust vulnerability in Erlang OTP publickey pubkeycert module allows a non-CA certificate to be accepted as an intermediate issuer, enabling certificate chain forgery. In lib/publickey/src/pubkeycert.erl, pubkeycert:validateextensions/7 contains two...
CVE-2026-42789
The CVE-2026-42789 entry documents a vulnerability in Erlang OTP public_key (pubkey_cert module): a certificate with basicConstraints cA:false and no keyUsage can be misused as an intermediate issuer during pkix_path_validation, enabling chain forgery. Two flaws in pubkey_cert:validate_extensions...
PT-2026-43712
Name of the Vulnerable Software and Affected Versions Erlang OTP versions 17.0 through 26.2.5.20 Erlang OTP versions 27.x prior to 27.3.4.12 Erlang OTP versions 28.x prior to 28.5.0.1 Erlang OTP versions 29.x prior to 29.0.1 public key versions 0.22 through 1.15.1.6 public key versions 1.17.x pri...
Kimai's Twig function config() leaks server-wide secrets (LDAP bind password, SAML SP private key) via invoice/export templates
Summary Kimai's Twig sandbox StrictPolicy, used for admin-uploaded invoice and export templates allow-lists the config Twig function with no key filtering. configname delegates to App\Configuration\SystemConfiguration::find$name, which returns arbitrary entries from the flattened kimai.config...
CVE-2026-40934
Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the secret used to sign authentication cookies is persisted to a static file at /.local/share/jupyter/runtime/jupytercookiesecret and is never rotated when a user changes their password. After a password...
CVE-2026-26003
FastGPT is an AI Agent building platform. From 4.14.0 to 4.14.5, attackers can directly access the plugin system through FastGPT/api/plugin/xxx without authentication, thereby threatening the plugin system. This may cause the plugin system to crash and the loss of plugin installation status, but ...
CVE-2025-11935
With TLS 1.3 pre-shared key PSK a malicious or faulty server could ignore the request for PFS perfect forward secrecy and the client would continue on with the connection using PSK without PFS. This happened when a server responded to a ClientHello containing pskdheke without a keyshare...
Evope 1.1.3.20 Hardcoded Cryptographic Key
The component Evope Core in Evope version 1.1.3.20 uses a hardcoded cryptographic key, which means that encryption/decryption keys are permanently embedded in the source code, rather than being securely managed. This creates a critical security flaw because anyone who gains access to or...
DEBIAN-CVE-2023-3341
The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory,...
ALPINE-CVE-2023-3341
The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory,...
PT-2023-5449 · Isc +12 · Bind 9 +12
Name of the Vulnerable Software and Affected Versions: BIND 9 versions 9.2.0 through 9.16.43 BIND 9 versions 9.18.0 through 9.18.18 BIND 9 versions 9.19.0 through 9.19.16 BIND 9 versions 9.9.3-S1 through 9.16.43-S1 BIND 9 versions 9.18.0-S1 through 9.18.18-S1 Description: The code that processes...
CVE-2021-34571
Multiple Wireless M-Bus devices by Enbra use Hard-coded Credentials in Security mode 5 without an option to change the encryption key. An adversary can learn all information that is available in Enbra EWM...
UBUNTU-CVE-2020-14002
PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts where no host key for the server has been cached by the client...
kernel: crypto: GPF in lrw_crypt caused by null-deref
The lrwcrypt function in 'crypto/lrw.c' in the Linux kernel before 4.5 allows local users to cause a system crash and a denial of service by the NULL pointer dereference via accept2 system call for AFALG socket without calling setkey first to set a cipher key...
PT-2016-4081 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.4.2 Description: The issue allows local users to cause a denial of service, resulting in a system crash due to a NULL pointer dereference. This occurs when a crafted application does not supply a key, related ...