Lucene search
+L

494 matches found

RedHat Linux
RedHat Linux
added 2026/01/15 11:56 a.m.6 views

openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand

A flaw was found in OpenSSH where the SSH client accepted \0 null characters in ssh:// URIs. When a ProxyCommand is configured, these characters could alter how the command is parsed, potentially leading to code execution depending on how the proxy is set up...

3.6CVSS6.7AI score0.00118EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.4 views

MiracleLinux 3 : gnutls-1.4.1-3.5.1AXS3 (AXSA:2009-384:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-384:01 advisory. GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library implements the...

7.5CVSS6.2AI score0.02151EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.5 views

MiracleLinux 8 : openssh-8.0p1-27.el8_10 (AXSA:2025-11617:08)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11617:08 advisory. openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand CVE-2025-61984 openssh: OpenSSH: Null character in...

3.6CVSS6.4AI score0.00284EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.4 views

MiracleLinux 9 : php:8.3 (AXSA:2025-11640:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11640:01 advisory. php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML...

7.5CVSS6.8AI score0.00953EPSS
Exploits2References4
OSV
OSV
added 2026/01/05 3:43 p.m.8 views

CLSA-2026-1767627828 openssh: Fix of CVE-2025-61985

CVE-2025-61985: potential code execution using the ‘\0’ character in an ssh:// URI, when a ProxyCommand is used...

3.6CVSS6.2AI score0.00118EPSS
Exploits0References1
OSV
OSV
added 2026/01/05 3:34 p.m.9 views

CLSA-2026-1767627264 openssh: Fix of CVE-2025-61985

CVE-2025-61985: potential code execution using the ‘\0’ character in an ssh:// URI, when a ProxyCommand is used...

3.6CVSS6.4AI score0.00118EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/23 12:0 a.m.4 views

AlmaLinux 9 : php:8.3 (ALSA-2025:23309)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23309 advisory. php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace...

7.5CVSS6.8AI score0.00953EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2025/12/22 12:0 a.m.7 views

AlmaLinux 8 : openssh (ALSA-2025:23481)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23481 advisory. openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand CVE-2025-61984 openssh: OpenSSH: Null character in ssh:// U...

3.6CVSS6.4AI score0.00284EPSS
Exploits2References4
Rockylinux
Rockylinux
added 2025/12/19 9:5 a.m.8 views

php:8.3 security update

An update is available for module.php-pecl-redis6, module.php, php-pecl-redis6, module.php-pecl-apcu, php-pecl-rrd, php-pecl-zip, php, module.php-pecl-zip, module.php-pecl-rrd, php-pecl-apcu, php-pecl-xdebug3, module.php-pecl-xdebug3. This update affects Rocky Linux 9. A Common Vulnerability...

7.5CVSS6.7AI score0.00953EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2025/12/18 1:20 p.m.22 views

php: PHP Hostname Null Character Vulnerability

A flaw was found in PHP. The fsockopen function and related functions fail to validate NULL characters within the provided hostname, potentially leading to unexpected behavior during parsing. This flaw allows a network attacker to supply a specially crafted hostname. This issue can result in a...

5.3CVSS5.7AI score0.00514EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2025/12/18 1:20 p.m.8 views

Moderate: Red Hat Security Advisory: php:8.3 security update

An update for the php:8.3 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.7AI score0.00953EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.4 views

RHEL 9 : php:8.3 (RHSA-2025:23309)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23309 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: pgsql extension does not check f...

7.5CVSS6.8AI score0.00953EPSS
Exploits2References10
RedHat Linux
RedHat Linux
added 2025/12/17 5:42 p.m.4 views

openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand

A flaw was found in OpenSSH where the SSH client accepted \0 null characters in ssh:// URIs. When a ProxyCommand is configured, these characters could alter how the command is parsed, potentially leading to code execution depending on how the proxy is set up...

3.6CVSS6.7AI score0.00118EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/12/17 4:48 p.m.3 views

openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand

A flaw was found in OpenSSH where the SSH client accepted \0 null characters in ssh:// URIs. When a ProxyCommand is configured, these characters could alter how the command is parsed, potentially leading to code execution depending on how the proxy is set up...

3.6CVSS6.7AI score0.00118EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/12/17 2:16 p.m.15 views

openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand

A flaw was found in OpenSSH where the SSH client accepted \0 null characters in ssh:// URIs. When a ProxyCommand is configured, these characters could alter how the command is parsed, potentially leading to code execution depending on how the proxy is set up...

3.6CVSS6.7AI score0.00118EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/12/17 12:0 a.m.9 views

RHEL 8 : openssh (RHSA-2025:23481)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23481 advisory. OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files...

3.6CVSS6.5AI score0.00284EPSS
Exploits2References7
OSV
OSV
added 2025/12/17 12:0 a.m.9 views

ALSA-2025:23479 Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand...

3.6CVSS7.4AI score0.00284EPSS
Exploits2References6
OSV
OSV
added 2025/12/16 12:0 a.m.8 views

ALSA-2025:23309 Moderate: php:8.3 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix CVE-2025-6491 php: PHP Hostname Nul...

7.5CVSS6.5AI score0.00953EPSS
Exploits2References8
Vulnrichment
Vulnrichment
added 2025/12/15 5:32 a.m.2 views

CVE-2025-14549 OMR on Z processors Exposing a possible buffer over-read problem

In the Eclipse OMR compiler component, since release 0.7.0, an optimization enabled for Eclipse OpenJ9 consumers of OMR on Z processors incorrectly handles NUL 0x00 characters during the Latin-compatible charset UTF-8, ISO8859-1, ASCII, etc to IBM-1047/037 translation sequence. This can cause the...

6.9CVSS6.5AI score0.0026EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/15 12:0 a.m.6 views

Eclipse OMR 缓冲区错误漏洞

Eclipse OMR is an open source toolkit from the Eclipse Foundation for building language runtime environments. A buffer error vulnerability exists in Eclipse OMR versions prior to 0.8.0, which stems from the incorrect handling of NUL characters during the character conversion process, and may resu...

8.1CVSS6.9AI score0.0026EPSS
Exploits0References1
Rows per page
Query Builder