320 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-23893
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged...
openSUSE Security Advisory (SUSE-SU-2026:0351-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE 15 Security Update : openCryptoki (SUSE-SU-2026:0351-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:0351-1 advisory. - CVE-2026-23893: Fixed privilege escalation or data exposure via symlink following bsc1257116 Tenable has extracted the preceding description block directly...
Security update for openCryptoki
This update for openCryptoki fixes the following issues: CVE-2026-23893: Fixed privilege escalation or data exposure via symlink following bsc1257116 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...
SUSE-SU-2026:0351-1 Security update for openCryptoki
This update for openCryptoki fixes the following issues: - CVE-2026-23893: Fixed privilege escalation or data exposure via symlink following bsc1257116...
SUSE SLES15 Security Update : openCryptoki (SUSE-SU-2026:0291-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0291-1 advisory. - CVE-2026-22791: Fixed supplying malformed compressed EC public key can lead to heap corruption or denial-of-service bsc1256673. Tenable ha...
Security update for openCryptoki
This update for openCryptoki fixes the following issues: CVE-2026-22791: Fixed supplying malformed compressed EC public key can lead to heap corruption or denial-of-service bsc1256673. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
SUSE-SU-2026:0291-1 Security update for openCryptoki
This update for openCryptoki fixes the following issues: - CVE-2026-22791: Fixed supplying malformed compressed EC public key can lead to heap corruption or denial-of-service bsc1256673...
openCryptoki-3.26.0-4.1 on GA media (moderate)
openCryptoki-3.26.0-4.1 on GA media Announcement ID: openSUSE-SU-2026:10086-1 Rating: moderate Cross-References: CVE-2026-23893 CVSS scores: CVE-2026-23893 SUSE : 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can no...
OPENSUSE-SU-2026:10086-1 openCryptoki-3.26.0-4.1 on GA media
These are all security issues fixed in the openCryptoki-3.26.0-4.1 package on the GA media of openSUSE Tumbleweed...
CVE-2026-23893
A flaw was found in openCryptoki, a PKCS11 library and tooling for Linux and AIX. A token-group user can exploit a symlink-following vulnerability by planting symbolic links in group-writable token directories. When an administrator runs a PKCS11 application or administrative tool as root, it may...
DEBIAN-CVE-2026-23893
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in group-writable token...
CVE-2026-23893
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in group-writable token...
AZL-75381 CVE-2026-23893 affecting package opencryptoki 3.24.0-3
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in group-writable token...
AZL-75360 CVE-2026-23893 affecting package opencryptoki 3.17.0-1
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in group-writable token...
CVE-2026-23893
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in group-writable token...
UBUNTU-CVE-2026-23893
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in group-writable token...
CVE-2026-23893 openCryptoki has improper link resolution before file access (link following)
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in group-writable token...
CVE-2026-23893 openCryptoki has improper link resolution before file access (link following)
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in group-writable token...
CVE-2026-23893
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to symlink-following when running in privileged contexts. A token-group user can redirect file operations to arbitrary filesystem targets by planting symlinks in group-writable token...