2077 matches found
curl: SSL options ISSUERCERT, EC_CURVES and CRLFILE silently ignored by non-OpenSSL backends
Summary: The SSL options ISSUERCERT, ECCURVES and CRLFILE are silently ignored for e.g. the mbedTLS backend, which allows MITM attacks for the ISSUERCERT and CRLFILE bug, and can reduce the security and compliance by ignoring the specified curve for the ECCURVES bug. Affected version Tested with...
MiracleLinux 4 : ipa-3.0.0-50.2.0.1.AXS4 (AXSA:2016-660:02)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-660:02 advisory. Security Fix - FreeIPA certrevoke revoke certificate retrieve certificate CVE-2016-5404 CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted the preceding...
Shaping a Quantum-Resistant Future: Strategies for Post-Quantum PKI
As the quantum computing era approaches, securing classical cryptographic protocols becomes imperative. Public key cryptography is widely used for signature and key exchange but it is the type of cryptography more threatened by quantum computing. Its application typically requires support via a...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003375)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003375 advisory. Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service NULL pointer dereference or possibly gai...
CVE-2022-37193
Chipolo ONE Bluetooth tracker 2020 Chipolo iOS app version 4.13.0 is vulnerable to Incorrect Access Control. Chipolo devices suffer from access revocation evasion attacks once the malicious sharee obtains the access credentials...
CVE-2017-18878
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. Knowledge of a session ID allows revoking another user's session...
Insufficient Session Expiration
Overview Affected versions of this package are vulnerable to Insufficient Session Expiration in the SFTP access control process. An attacker can maintain unauthorized access to files by remaining connected to SFTP after their permissions have been revoked or after the game server has been deleted...
Insufficient Session Expiration
Overview Affected versions of this package are vulnerable to Insufficient Session Expiration in the SFTP access control process. An attacker can maintain unauthorized access to files by remaining connected to SFTP after their permissions have been revoked or after the game server has been deleted...
SUSE CVE-2017-18878
An issue was discovered in Mattermost Server before 4.3.0, 4.2.1, and 4.1.2. Knowledge of a session ID allows revoking another user's session...
Pterodactyl 代码问题漏洞
Pterodactyl is an open source game server administration panel built using PHP, Nodejs and Go. A code issue vulnerability exists in Pterodactyl version 1.11.11 and earlier that stems from an active SFTP connection not being revoked when a user is removed from a server instance or their SFTP file...
PT-2026-20317
Name of the Vulnerable Software and Affected Versions Apache Tomcat Native versions 1.3.0 through 1.3.4 Apache Tomcat Native versions 2.0.0 through 2.0.11 Apache Tomcat versions 11.0.0-M1 through 11.0.17 Apache Tomcat versions 10.1.0-M7 through 10.1.51 Apache Tomcat versions 9.0.83 through 9.0.11...
CVE-2025-67108
eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections...
CVE-2025-67108
eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections...
CVE-2025-67108
eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections...
UBUNTU-CVE-2025-67108
eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections...
CVE-2025-67108
CVE-2025-67108 affects eProsima Fast-DDS v3.3. The issue is improper validation for ticket revocation, causing insecure communications and connections. Impact is described as high confidentiality/integrity risk with network-based access and no user interaction. Several connected sources corrobora...
CVE-2025-67108
eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections...
Linux Distros Unpatched Vulnerability : CVE-2025-67108
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections. CVE-2025-67108...
Fast-DDS 安全漏洞
Fast-DDS is a complete DDS open source by eProsima. A security vulnerability exists in Fast-DDS version 3.3 that stems from improper ticket revocation validation and could lead to insecure communication...
CVE-2025-67108
eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections...