
2077 matches found

Hacker One
added 2026/01/19 8:10 p.m., 55 views

curl: SSL options ISSUERCERT, EC_CURVES and CRLFILE silently ignored by non-OpenSSL backends

Summary: The SSL options ISSUERCERT, EC_CURVES and CRLFILE are silently ignored for e.g. the mbedTLS backend, which allows MITM attacks for the ISSUERCERT and CRLFILE bug, and can reduce the security and compliance by ignoring the specified curve for the EC_CURVES bug. Affected version Tested with...

AI score: 5.8
Exploits: 0
Tenable Nessus
added 2026/01/16 12:0 a.m., 5 views

MiracleLinux 4 : ipa-3.0.0-50.2.0.1.AXS4 (AXSA:2016-660:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-660:02 advisory. Security Fix - FreeIPA certrevoke revoke certificate retrieve certificate CVE-2016-5404 CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted the preceding...

CVSS: 6.5, AI score: 6.2, EPSS: 0.02585
Exploits: 0, References: 2
Packet Storm News
added 2026/01/16 12:0 a.m., 4 views

Shaping a Quantum-Resistant Future: Strategies for Post-Quantum PKI

As the quantum computing era approaches, securing classical cryptographic protocols becomes imperative. Public key cryptography is widely used for signature and key exchange but it is the type of cryptography more threatened by quantum computing. Its application typically requires support via a...

AI score: 5.5
Exploits: 0
Tenable Nessus
added 2026/01/15 12:0 a.m., 2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003375)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003375 advisory. Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service NULL pointer dereference or possibly gai...

CVSS: 7.8, AI score: 6.5, EPSS: 0.00799
Exploits: 0, References: 8
RedhatCVE
added 2026/01/09 10:50 a.m., 6 views

CVE-2022-37193

Chipolo ONE Bluetooth tracker 2020 Chipolo iOS app version 4.13.0 is vulnerable to Incorrect Access Control. Chipolo devices suffer from access revocation evasion attacks once the malicious sharee obtains the access credentials...

CVSS: 7.4, AI score: 6.7, EPSS: 0.00545
Exploits: 0, References: 1
RedhatCVE
added 2026/01/09 10:33 a.m., 8 views

CVE-2017-18878

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. Knowledge of a session ID allows revoking another user's session...

CVSS: 4.3, AI score: 6.9, EPSS: 0.0077
Exploits: 0, References: 1
Snyk
added 2026/01/06 1:53 a.m., 2 views

Insufficient Session Expiration

Overview Affected versions of this package are vulnerable to Insufficient Session Expiration in the SFTP access control process. An attacker can maintain unauthorized access to files by remaining connected to SFTP after their permissions have been revoked or after the game server has been deleted...

CVSS: 7.5, AI score: 6.9, EPSS: 0.00218
Exploits: 0, References: 2
Snyk
added 2026/01/06 1:53 a.m., 2 views

Insufficient Session Expiration

Overview Affected versions of this package are vulnerable to Insufficient Session Expiration in the SFTP access control process. An attacker can maintain unauthorized access to files by remaining connected to SFTP after their permissions have been revoked or after the game server has been deleted...

CVSS: 7.5, AI score: 6.9, EPSS: 0.00218
Exploits: 0, References: 2
SUSE CVE
added 2026/01/06 12:37 a.m., 5 views

SUSE CVE-2017-18878

An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. Knowledge of a session ID allows revoking another user's session...

CVSS: 4.3, AI score: 4.9, EPSS: 0.0077
Exploits: 0, References: 2
CNNVD
added 2026/01/06 12:0 a.m., 3 views

Pterodactyl Code Issue Vulnerability

Pterodactyl is an open source game server administration panel built using PHP, Nodejs and Go. A code issue vulnerability exists in Pterodactyl version 1.11.11 and earlier that stems from an active SFTP connection not being revoked when a user is removed from a server instance or their SFTP file...

CVSS: 7.5, AI score: 6.7, EPSS: 0.00218
Exploits: 0, References: 3
Positive Technologies
added 2026/01/01 12:0 a.m., 3 views

PT-2026-20317

Name of the Vulnerable Software and Affected Versions Apache Tomcat Native versions 1.3.0 through 1.3.4 Apache Tomcat Native versions 2.0.0 through 2.0.11 Apache Tomcat versions 11.0.0-M1 through 11.0.17 Apache Tomcat versions 10.1.0-M7 through 10.1.51 Apache Tomcat versions 9.0.83 through 9.0.11...

CVSS: 7.8, AI score: 5.3, EPSS: 0.00498
Exploits: 0, References: 90
RedhatCVE
added 2025/12/24 12:48 a.m., 7 views

CVE-2025-67108

eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections...

CVSS: 10, AI score: 7.3, EPSS: 0.00299
Exploits: 0, References: 1
NVD
added 2025/12/23 4:16 p.m., 5 views

CVE-2025-67108

eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections...

CVSS: 10, EPSS: 0.00299
Exploits: 0, References: 4
OSV
added 2025/12/23 4:16 p.m., 3 views

CVE-2025-67108

eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections...

CVSS: 10, AI score: 6.8
Exploits: 0, References: 4
OSV
added 2025/12/23 4:16 p.m., 3 views

UBUNTU-CVE-2025-67108

eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections...

CVSS: 10, AI score: 5.8, EPSS: 0.00299
Exploits: 0, References: 6
CVE
added 2025/12/23 12:0 a.m., 19 views

CVE-2025-67108

CVE-2025-67108 affects eProsima Fast-DDS v3.3. The issue is improper validation for ticket revocation, causing insecure communications and connections. Impact is described as high confidentiality/integrity risk with network-based access and no user interaction. Several connected sources corrobora...

CVSS: 10, AI score: 6.9, EPSS: 0.00299
Exploits: 0, References: 4, Affected Software: 1
UbuntuCve
added 2025/12/23 12:0 a.m., 4 views

CVE-2025-67108

eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections...

CVSS: 10, AI score: 5.9, EPSS: 0.00299
Exploits: 0, References: 5
Tenable Nessus
added 2025/12/23 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-67108

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections. CVE-2025-67108...

CVSS: 10, AI score: 5.8, EPSS: 0.00299
Exploits: 0, References: 3
CNNVD
added 2025/12/23 12:0 a.m., 3 views

Fast-DDS Security Vulnerability

Fast-DDS is a complete DDS open source by eProsima. A security vulnerability exists in Fast-DDS version 3.3 that stems from improper ticket revocation validation and could lead to insecure communication...

CVSS: 10, AI score: 6.4, EPSS: 0.00299
Exploits: 0, References: 5
Cvelist
added 2025/12/23 12:0 a.m., 26 views

CVE-2025-67108

eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections...

EPSS: 0.00299
Exploits: 0, References: 4