1781 matches found
openssh: OpenSSH: Denial of Service via excessive GSSAPI authentication attempts
A flaw was found in OpenSSH's Secure Shell Daemon sshd. This vulnerability allows a remote attacker to cause a denial of service by initiating an excessive number of authentication attempts. The issue arises from the mishandling of the MaxAuthTries setting specifically when using...
CVE-2026-60000
sshd in OpenSSH before 10.4 allows remote attackers to cause a denial of service resource consumption from excessive authentication attempts because MaxAuthTries was mishandled for GSSAPIAuthentication...
CVE-2026-12610
A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw by manipulating smartcard or YubiKey contents, leading to a denial of servi...
Oracle Linux 9 : thunderbird (ELSA-2026-29940)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-29940 advisory. 140.12.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 140.12.0 - Add OpenELA debranding 140.12.0-1 - Update to 140.12.0 ESR Tenab...
CVE-2026-12318
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Libraries component in NSS...
Oracle Linux 9 : firefox (ELSA-2026-27734)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-27734 advisory. 140.12.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding R...
Astra Linux – Vulnerability in sssd
A flaw was discovered in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Since the data is treated as a NUL-terminated C string without an explicit termination, this leads to a...
CVE-2026-55654
A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI Generic Security Service Application Programming Interface indicators when a trailing NULL termination is missing in the auth-indicators array. A remote attacker, under specific...
PT-2026-51472
Name of the Vulnerable Software and Affected Versions OpenSSH affected versions not specified Description A heap out-of-bounds read occurs during the cleanup of GSSAPI Generic Security Service Application Programming Interface indicators when a trailing NULL termination is missing in the...
Oracle Linux 9 : firefox (ELSA-2026-19201)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-19201 advisory. 140.10.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding R...
Fedora 43 : firefox / nss (2026-1c873954fa)
The remote Fedora 43 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-1c873954fa advisory. Update NSS to 3.124.0 Update to Firefox 152.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...
SUSE CVE-2026-12318
Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 152 and Thunderbird 152...
[SECURITY] Fedora 43 Update: nss-3.124.0-1.fc43
Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...
[SECURITY] Fedora 44 Update: nss-3.124.0-1.fc44
Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...
Fedora 44 : firefox / nss (2026-5eeadd9b1b)
The remote Fedora 44 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-5eeadd9b1b advisory. Update NSS to 3.124.0 Update Firefox to 152.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...
CVE-2026-12318
Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 152 and Thunderbird 152...
CVE-2026-12318 Incorrect boundary conditions in the Libraries component in NSS
Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 152 and Thunderbird 152...
EUVD-2026-37109
Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 152 and Thunderbird 152...
PT-2026-49687
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 152 Thunderbird versions prior to 152 Description Incorrect boundary conditions exist within the Libraries component of the Network Security Services NSS, which is a set of libraries providing support for security...
JLSEC-2026-606
Uncontrolled recursion in PostgreSQL SSL and GSS negotiation allows an attacker able to connect to a PostgreSQL AFUNIX socket to achieve sustained denial of service. If SSL and GSS are both disabled, an attacker can do the same via access to a PostgreSQL TCP socket. Versions before PostgreSQL 18....