EUVD-2022-39845

Malicious code in bioql PyPI...

EUVD-2025-11820

Malicious code in bioql PyPI...

EUVD-2023-57580

Malicious code in bioql PyPI...

EUVD-2024-21405

Malicious code in bioql PyPI...

EUVD-2025-0212

Malicious code in bioql PyPI...

BIT-MONGODB-2025-3085 MongoDB Server running on Linux may allow unexpected connections where intermediate certificates are revoked

A MongoDB server under specific conditions running on Linux with TLS and CRL revocation status checking enabled, fails to check the revocation status of the intermediate certificates in the peer's certificate chain. In cases of MONGODB-X509, which is not enabled by default, this may lead to...

Linux Distros Unpatched Vulnerability : CVE-2025-3085

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A MongoDB server under specific conditions running on Linux with TLS and CRL revocation status checking enabled, fails to check the revocation status of the...

Cryptographic Application of Elliptic Curve with High Rank

Elliptic curve cryptography is better than traditional cryptography based on RSA and discrete logarithm of finite field in terms of efficiency and security. In this paper, we show how to exploit elliptic curve with high rank, which has not been used in cryptography before, to construct...

An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock.

...

Linux Distros Unpatched Vulnerability : CVE-2020-13294

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GitLab before 13.0.12, 13.1.6 and 13.2.3, access grants were not revoked when a user revoked access to an application. CVE-2020-13294 Note that Nessus relies...

Linux Distros Unpatched Vulnerability : CVE-2018-8019

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When using an OCSP responder Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 did not correctly handle invalid responses. This allowed for revoked clie...

Linux Distros Unpatched Vulnerability : CVE-2020-13302

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Under certain conditions GitLab was not properly revoking user sessions and...

Linux Distros Unpatched Vulnerability : CVE-2021-39945

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control in the GitLab CE/EE API affecting all versions starting from 9.4 before 14.3.6, all versions starting from 14.4 before 14.4.4, all...

Linux Distros Unpatched Vulnerability : CVE-2020-29663

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Icinga 2 v2.8.0 through v2.11.7 and v2.12.2 has an issue where revoked certificates due for renewal will automatically be renewed, ignoring the CRL. This issue ...

Linux Distros Unpatched Vulnerability : CVE-2020-13230

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account e.g., permission to view logs...

Linux Distros Unpatched Vulnerability : CVE-2019-19270

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in tlsverifycrl in ProFTPD through 1.3.6b. Failure to check for the appropriate field of a CRL entry checking twice for subject, rather...

traQ Allows Insertion of Sensitive Information into Log File

Impact A vulnerability exists where sensitive information, such as OAuth tokens, is recorded in log files when an error occurs during the execution of an SQL query. An attacker could intentionally trigger an SQL error by methods such as placing a high load on the database. This could allow an...

Linux Distros Unpatched Vulnerability : CVE-2018-1000211

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Doorkeeper version 4.2.0 and later contains a Incorrect Access Control vulnerability in Token revocation API's authorized method that can result in Access token...

Linux Distros Unpatched Vulnerability : CVE-2020-13299

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. The revocation feature was not revoking all session tokens and one could...

Linux Distros Unpatched Vulnerability : CVE-2023-5255

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - For certificates that utilize the auto-renew feature in Puppet Server, a flaw exists which prevents the certificates from being revoked. CVE-2023-5255 Note that...