109 matches found
RLSA-2023:7052 Moderate: libreswan security update
Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...
SUSE CVE-2017-1000362
The re-key admin monitor was introduced in Jenkins 1.498 and re-encrypted all secrets in JENKINSHOME with a new key. It also created a backup directory with all old secrets, and the key used to encrypt them. These backups were world-readable and not removed afterwards. Jenkins now deletes the...
Security Bulletin: Vault Vulnerable to Denial-of-Service via Unauthenticated Root Token Generation/Rekey Operations
Summary Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This...
Astra Linux - уязвимость в linux, linux-5.15, linux-6.1, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211gtkrekeyadd is called, and ieee80211gtkrekeyadd returns 0 due to KRACK protection identical key reinstall, ieee80211gtkrekeyadd will still return a pointer to the key...
Astra Linux - уязвимость в libssh
A flaw was discovered in libssh’s handling of key exchange KEX processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory during these rekey operations, which can gradually exhaust system memory. This issue can lead to crashes on the client side, especially...
SUSE CVE-2026-5807
Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This...
SUSE SLES16 Security Update : strongswan (SUSE-SU-2026:21203-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21203-1 advisory. Update to strongswan 6.0.4: - CVE-2025-9615: NetworkManager File Access bsc1257359. - CVE-2026-25075: Integer Underflow When...
openSUSE 16 Security Update : strongswan (openSUSE-SU-2026:20547-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20547-1 advisory. Update to strongswan 6.0.4: - CVE-2025-9615: NetworkManager File Access bsc1257359. - CVE-2026-25075: Integer Underflow When Handling EAP-TTLS A...
BIT-VAULT-2026-5807 Vault Vulnerable to Denial-of-Service via Unauthenticated Root Token Generation/Rekey Operations
Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This...
Security update for strongswan (important)
openSUSE security update: security update for strongswan ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20547-1 Rating: important References: bsc1257359 bsc1259472 Cross-References: CVE-2025-9615 CVE-2026-25075 CVSS scores: CVE-2025-9615 SUSE : 5.5...
CVE-2026-5807
A flaw was found in Vault. An unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations. This action occupies the single slot designated for in-progress operations, effectively preventing legitimate operators from completing critical administrative...
EUVD-2026-23362
Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This...
GHSA-88V5-9HXC-F85R HashiCorp Vault Vulnerable to Denial-of-Service via Unauthenticated Root Token Generation/Rekey Operations
Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This...
CVE-2026-5807
Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This...
CVE-2026-5807
Vault is vulnerable to a denial-of-service condition: an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot and preventing legitimate operators from completing these workflows. The issue is fixed in...
CVE-2026-5807
Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This...
CVE-2026-5807
Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This...
CVE-2026-5807 Vault Vulnerable to Denial-of-Service via Unauthenticated Root Token Generation/Rekey Operations
Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This...
CVE-2026-5807 Vault Vulnerable to Denial-of-Service via Unauthenticated Root Token Generation/Rekey Operations
Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This...
PT-2026-33406
Name of the Vulnerable Software and Affected Versions Vault Community Edition versions prior to 2.0.0 Vault Enterprise versions prior to 2.0.0 Description An unauthenticated attacker can cause a denial-of-service condition by repeatedly initiating or canceling root token generation or rekey...