PT-2025-51938
Name of the Vulnerable Software and Affected Versions: mcp-server-git versions prior to 2025.12.17. Description: In mcp-server-git versions prior to 2025.12.17, the server did not validate that repo path arguments in subsequent tool calls were within the configured repository path when started with...
nss: timing attack against RSA decryption
It was discovered that the numerical library used in NSS for RSA cryptography leaks information whether high order bits of the RSA decryption result are zero. This information can be used to mount a Bleichenbacher or Manger like attack against all RSA decryption operations. As the leak happens...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : mozilla-nss (SUSE-SU-2024:0597-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0597-1 advisory. - It was discovered that the numerical library used in NSS for RSA cryptography leaks information whether...
SUSE SLES15 Security Update : mozilla-nss (SUSE-SU-2024:0579-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0579-1 advisory. - It was discovered that the numerical library used in NSS for RSA cryptography leaks information whether high order bits of the RSA...
RHEL 8 : nss (RHSA-2024:0093)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0093 advisory. Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server...
CentOS 8 : nss (CESA-2024:0105)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2024:0105 advisory. - It was discovered that the numerical library used in NSS for RSA cryptography leaks information whether high order bits of the RSA decryption result are zero...
[SECURITY] [DLA 3638-1] h2o security update
Debian LTS Advisory DLA-3638-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky October 29, 2023 https://wiki.debian.org/LTS -...
Code injection
1Panel is an open source Linux server operation and maintenance management panel. In version 1.4.3, authenticated attackers can download arbitrary files through the API interface. This code has unauthorized access. Attackers can freely download the file content on the target system. This may caus...
CVE-2023-39966 1Panel arbitrary file write vulnerability exists in the background
1Panel is an open source Linux server operation and maintenance management panel. In version 1.4.3, an arbitrary file write vulnerability could lead to direct control of the server. In the api/v1/file.go file, there is a function called SaveContent that receives JSON data sent by users in the...
CVE-2021-20144
An unauthenticated command injection vulnerability exists in the parameters of operation 49 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...
Site program-Africa SI exploits-vulnerability warning-the black bar safety net
Part I: Preface. The most popular means of attacking websites today is SQL Injection. SI is easy to use and makes it easy to obtain greater privileges, but because it has drawn so much attention, any programmer with a little security awareness now pays attention to this problem, an...
Axis Communications HTTP Server 2.x - Messages Information Disclosure
source: https://www.securityfocus.com/bid/6980/info It has been reported that the Axis Video Server does not properly secure sensitive information. Because of this, an attacker may be able to gather details about server operati...