Lucene search
K

7 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/05 8:29 p.m.3 views

CVE-2026-35579

CoreDNS is a DNS server written in Go. In versions prior to 1.14.3, the gRPC, QUIC, DoH, and DoH3 transport implementations incorrectly handle TSIG authentication. For gRPC and QUIC, the server checks whether the TSIG key name exists in the configuration but never calls dns.TsigVerify to validate...

8.2CVSS5.8AI score0.0051EPSS
Exploits1References2Affected Software1
0day.today
0day.today
added 2024/07/22 12:0 a.m.444 views

Softing Secure Integration Server 1.22 Remote Code Execution Exploit

This Metasploit module chains two vulnerabilities to achieve authenticated remote code execution against Softing Secure Integration Server version 1.22. In CVE-2022-1373, the restore configuration feature is vulnerable to a directory traversal vulnerability when processing zip files. When using t...

7.2CVSS8.2AI score0.10229EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2018/10/26 12:0 a.m.33 views

EulerOS Virtualization 2.5.0 : gnupg2 (EulerOS-SA-2018-1333)

According to the version of the gnupg2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A data validation flaw was found in the way gnupg processes file names during decryption and signature validation. An attacker may be...

7.5CVSS7.2AI score0.08654EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/08/10 12:0 a.m.29 views

EulerOS 2.0 SP3 : gnupg2 (EulerOS-SA-2018-1223)

According to the version of the gnupg2 package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A data validation flaw was found in the way gnupg processes file names during decryption and signature validation. An attacker may be able to inject...

7.5CVSS7.2AI score0.08654EPSS
Exploits0References2
Amazon
Amazon
added 2018/08/08 12:0 a.m.51 views

Important: gnupg2

Issue Overview: A data validation flaw was found in the way gnupg processes file names during decryption and signature validation. An attacker may be able to inject messages into gnupg verbose message logging which may have the potential to bypass the integrity of signature authentication...

7.5CVSS7.4AI score0.08654EPSS
Exploits0
Amazon
Amazon
added 2018/06/27 12:0 a.m.537 views

Important: gnupg, gnupg2

Issue Overview: A data validation flaw was found in the way gnupg processes file names during decryption and signature validation. An attacker may be able to inject messages into gnupg verbose message logging which may have the potential to bypass the integrity of signature authentication...

7.5CVSS7.5AI score0.08654EPSS
Exploits0
Veracode
Veracode
added 2018/03/01 5:2 a.m.18 views

Authorization Bypass

python-saml is vulnerable to authentication bypass. The application does not properly parse comments in certain XML nodes, causing text after a comment being lost before signing the SAML Message. This allows a malicious user to modify a SAML message without invalidating the cryptographic signatur...

9.8CVSS9.3AI score0.04636EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder