5 matches found
FreeBSD : curl -- multiple vulnerabilities (a4f8bb03-f52f-11ed-9859-080027083a05)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the a4f8bb03-f52f-11ed-9859-080027083a05 advisory. - The vulnerability exists due to a use-after-free error when checking the SSH sha256...
UBUNTU-CVE-2023-28319
A use after free vulnerability exists in curl v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the now freed hash. This flaw...
MGASA-2020-0475 Updated kdeconnect-kde packages improve security
For the pairing procedure, the GUI component only presented the friendly 'deviceName' to identify peer devices, which is completely under attacker control. Furthermore the 'deviceName' is transmitted in cleartext in UDP broadcast messages for all other nodes in the network segment to see. Therefo...
Updated kdeconnect-kde packages improve security
For the pairing procedure, the GUI component only presented the friendly 'deviceName' to identify peer devices, which is completely under attacker control. Furthermore the 'deviceName' is transmitted in cleartext in UDP broadcast messages for all other nodes in the network segment to see. Therefo...
SUSE SLED15 / SLES15 Security Update : libssh2_org (SUSE-SU-2020:3551-1)
This update for libssh2org fixes the following issues : Version update to 1.9.0: bsc1178083, jscSLE-16922 Enhancements and bugfixes : - adds ECDSA keys and host key support when using OpenSSL - adds ED25519 key and host key support when using OpenSSL 1.1.1 - adds OpenSSH style key file reading -...