Lucene search
K

44 matches found

RedHat Linux
RedHat Linux
added 5 days ago5 views

golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey

A flaw was found in golang.org/x/crypto/ssh/knownhosts. This vulnerability occurs because the system did not correctly check for the revocation status of a SignatureKey belonging to a Certificate Authority CA. A remote attacker could potentially exploit this by presenting a revoked key, leading t...

9.1CVSS6AI score0.00487EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 5 days ago7 views

golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey

A flaw was found in golang.org/x/crypto/ssh/knownhosts. This vulnerability occurs because the system did not correctly check for the revocation status of a SignatureKey belonging to a Certificate Authority CA. A remote attacker could potentially exploit this by presenting a revoked key, leading t...

9.1CVSS6AI score0.00487EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 6 days ago3 views

golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey

A flaw was found in golang.org/x/crypto/ssh/knownhosts. This vulnerability occurs because the system did not correctly check for the revocation status of a SignatureKey belonging to a Certificate Authority CA. A remote attacker could potentially exploit this by presenting a revoked key, leading t...

9.1CVSS6AI score0.00487EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added last week6 views

CVE-2026-57172

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, ShareSecretManage uses a hardcoded default share link signature key, allowing an attacker who can obtain a passwordless share for a resource and user to use the known key link-pwd-fit2cloud to forge linkToken JWTs,...

8.3CVSS5.9AI score0.00289EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.9 views

PT-2026-56254

Name of the Vulnerable Software and Affected Versions DataEase versions prior to 2.10.24 Description The ShareSecretManage component uses a hardcoded default share link signature key. An attacker who obtains a passwordless share for a resource and user can use the known key link-pwd-fit2cloud to...

8.3CVSS6AI score0.00289EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/07/06 5:18 a.m.4 views

golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey

A flaw was found in golang.org/x/crypto/ssh/knownhosts. This vulnerability occurs because the system did not correctly check for the revocation status of a SignatureKey belonging to a Certificate Authority CA. A remote attacker could potentially exploit this by presenting a revoked key, leading t...

9.1CVSS6AI score0.00487EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2026/06/25 10:22 p.m.8 views

golang.org/x/crypto vulnerable to auth bypass via unenforced @revoked status

Previously, a revoked 'SignatureKey' belonging to a CA was not correctly checked for revocation. Now, both the 'key' and 'key.SignatureKey' are checked for @revoked...

9.1CVSS6AI score0.00487EPSS
Exploits0References22Affected Software1
EUVD
EUVD
added 2026/06/25 10:22 p.m.11 views

EUVD-2026-31399

golang.org/x/crypto/ssh/knownhosts vulnerable to auth bypass via unenforced @revoked status...

9.1CVSS5.8AI score0.00487EPSS
Exploits0References6
OSV
OSV
added 2026/06/25 10:22 p.m.4 views

GHSA-5CGQ-3RG8-M6CV golang.org/x/crypto vulnerable to auth bypass via unenforced @revoked status

Previously, a revoked 'SignatureKey' belonging to a CA was not correctly checked for revocation. Now, both the 'key' and 'key.SignatureKey' are checked for @revoked...

9.1CVSS6AI score0.00487EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.5 views

Amazon Linux 2023 : amazon-cloudwatch-agent (ALAS2023-2026-1896)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1896 advisory. Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680 The RSA and DSA public key parsers did not enforce size limits on key parameters. A...

10CVSS7AI score0.03153EPSS
Exploits2References16
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.7 views

Amazon Linux 2 : containerd, --advisory ALAS2ECS-2026-122 (ALASECS-2026-122)

The version of containerd installed on the remote host is prior to 2.1.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-122 advisory. The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an...

10CVSS7AI score0.03153EPSS
Exploits2References14
Amazon
Amazon
added 2026/06/08 12:0 a.m.20 views

Important: docker

Issue Overview: The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This could be triggered by unauthenticated client...

10CVSS5.6AI score0.00533EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.12 views

Amazon Linux 2 : docker, --advisory ALAS2DOCKER-2026-126 (ALASDOCKER-2026-126)

The version of docker installed on the remote host is prior to 25.0.16-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-126 advisory. The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an...

10CVSS6.9AI score0.03153EPSS
Exploits2References16
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.11 views

CVE-2026-42508

A flaw was found in golang.org/x/crypto/ssh/knownhosts. This vulnerability occurs because the system did not correctly check for the revocation status of a SignatureKey belonging to a Certificate Authority CA. A remote attacker could potentially exploit this by presenting a revoked key, leading t...

9.1CVSS5.4AI score0.00487EPSS
Exploits0References7
OSV
OSV
added 2026/06/04 5:36 p.m.8 views

GHSA-4VQC-WPWG-VH7J kas's late signature validation may allow unnoticed repository manipulations

Impact So far, kas checks out and processes repositories regarding configuration includes prior to validating signatures of those repositories. This may allow to replace on original repository with one under the control of an attacker under very specific conditions. First of all, the attacker mus...

2.1CVSS5.8AI score0.00021EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.27 views

PT-2026-46879

Impact So far, kas checks out and processes repositories regarding configuration includes prior to validating signatures of those repositories. This may allow to replace on original repository with one under the control of an attacker under very specific conditions. First of all, the attacker mus...

2.1CVSS5.8AI score0.00021EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.15 views

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-42508)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-42508 advisory. - Previously, a revoked 'SignatureKey' belonging to a CA was not correctly checked for revocatio...

9.1CVSS5.8AI score0.00487EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/23 1:28 a.m.22 views

SUSE CVE-2026-42508

Previously, a revoked 'SignatureKey' belonging to a CA was not correctly checked for revocation. Now, both the 'key' and 'key.SignatureKey' are checked for @revoked...

8.1CVSS5.8AI score0.00487EPSS
Exploits0References33
NVD
NVD
added 2026/05/22 4:16 a.m.14 views

CVE-2026-42508

Previously, a revoked 'SignatureKey' belonging to a CA was not correctly checked for revocation. Now, both the 'key' and 'key.SignatureKey' are checked for @revoked...

9.1CVSS0.00487EPSS
Exploits0References20
OSV
OSV
added 2026/05/22 4:16 a.m.9 views

UBUNTU-CVE-2026-42508

Previously, a revoked 'SignatureKey' belonging to a CA was not correctly checked for revocation. Now, both the 'key' and 'key.SignatureKey' are checked for @revoked...

9.1CVSS5.8AI score0.00487EPSS
Exploits0References9
Rows per page
Query Builder