Lucene search
K

418 matches found

OSV
OSV
added 2026/04/09 9:32 p.m.6 views

JLSEC-2026-64

ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host...

7.1CVSS7.1AI score0.03422EPSS
Exploits1References18
OSV
OSV
added 2026/04/09 9:32 p.m.5 views

JLSEC-2026-69

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...

5.5CVSS7.1AI score0.00426EPSS
Exploits0References14
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/03 12:0 a.m.4 views

Security update for keybase-client (important)

openSUSE Security Update: Security update for keybase-client Announcement ID: openSUSE-SU-2026:0117-1 Rating: important References: 1253563 1253864 1254023 Cross-References: CVE-2025-47913 CVE-2025-47914 CVE-2025-58181 CVSS scores: CVE-2025-47913 SUSE: 8.7...

8.7CVSS6.8AI score0.00591EPSS
Exploits1References3
OSV
OSV
added 2026/03/27 10:9 a.m.3 views

SUSE-SU-2026:20949-1 Security update for docker-compose

This update for docker-compose fixes the following issues: - CVE-2025-47913: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in response to a key listing or signing request bsc1253584. - CVE-2025-47914: golang.org/x/crypto/ssh/agent: non validat...

8.9CVSS6.7AI score0.13848EPSS
Exploits1References7
OSV
OSV
added 2026/03/27 10:9 a.m.7 views

SUSE-SU-2026:20976-1 Security update for docker-compose

This update for docker-compose fixes the following issues: - CVE-2025-47913: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in response to a key listing or signing request bsc1253584. - CVE-2025-47914: golang.org/x/crypto/ssh/agent: non validat...

8.9CVSS7AI score0.13848EPSS
Exploits1References7
OSV
OSV
added 2026/03/27 10:4 a.m.4 views

OPENSUSE-SU-2026:20438-1 Security update for docker-compose

This update for docker-compose fixes the following issues: - CVE-2025-47913: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in response to a key listing or signing request bsc1253584. - CVE-2025-47914: golang.org/x/crypto/ssh/agent: non validat...

8.9CVSS6.9AI score0.13848EPSS
Exploits1References6
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/23 1:0 p.m.7 views

Security Bulletin: Memory Safety Vulnerabilities in SSH Agents and Servers: Out-of-Bounds Read and Unbounded Memory Consumption, affects watsonx.data

Summary SSH Agent servers are vulnerable to out-of-bounds reads when processing malformed new identity requests, which can cause the agent to panic. Additionally, SSH servers handling GSSAPI authentication requests do not validate the number of mechanisms specified, potentially allowing attackers...

5.3CVSS6.7AI score0.00521EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2026/03/23 2:37 a.m.46 views

Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS6.7AI score0.00591EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.10 views

RHEL 9 : podman (RHSA-2026:5222)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5222 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...

7.5CVSS6.7AI score0.00591EPSS
Exploits1References4
Redos
Redos
added 2026/03/20 12:0 a.m.6 views

ROS-20260320-73-0007

A vulnerability in the ssh-agent library ssh-agent server for the Go crypto programming language involves reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

5.3CVSS6.9AI score0.00473EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/19 12:0 a.m.7 views

RHEL 10 : podman (RHSA-2026:5167)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5167 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...

7.5CVSS6.7AI score0.00591EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2026/03/17 6:49 a.m.7 views

Important: Red Hat Security Advisory: container-tools:rhel8 security update

An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

8.4CVSS5.9AI score0.0067EPSS
Exploits6References7
Tenable Nessus
Tenable Nessus
added 2026/03/17 12:0 a.m.10 views

Oracle Linux 8 : container-tools:rhel8 (ELSA-2026-4672)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-4672 advisory. - rebuild for CVE-2025-68121 - rebuild for CVE-2025-61729 - fixes 'CVE-2025-47913 container-tools:rhel8/buildah: golang.org/x/crypto/ssh/agent: SSH...

10CVSS7.3AI score0.02293EPSS
Exploits10References4
Tenable Nessus
Tenable Nessus
added 2026/03/17 12:0 a.m.8 views

RHEL 8 : container-tools:rhel8 (RHSA-2026:4693)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4693 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: runc:...

8.4CVSS6.7AI score0.0067EPSS
Exploits6References14
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/16 4:30 a.m.5 views

Security Bulletin: Unexpected SSH_AGENT_SUCCESS Response Causes Client Panic and Premature Termination in SSH Client, affects watsonx.data

Summary SH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2025-47913 DESCRIPTION: SSH clients receiving SSHAGENTSUCCESS when expecting a typed response wi...

7.5CVSS5.7AI score0.00591EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.6 views

EulerOS Virtualization 2.10.0 : curl (EulerOS-SA-2026-1552)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that...

6.3CVSS6AI score0.00611EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.5 views

EulerOS 2.0 SP12 : curl (EulerOS-SA-2026-1386)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally an...

6.3CVSS5.9AI score0.00611EPSS
Exploits3References5
OSV
OSV
added 2026/03/13 12:33 p.m.8 views

CLSA-2026-1773405202 curl: Fix of CVE-2025-15224

CVE-2025-15224: fix libssh public-key auth fallback to SSH agent...

3.1CVSS7.2AI score0.00413EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/03/13 12:0 a.m.6 views

RHEL 9 : buildah (RHSA-2026:4532)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4532 advisory. The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a...

7.5CVSS6AI score0.00591EPSS
Exploits3References10
RedHat Linux
RedHat Linux
added 2026/03/12 9:1 p.m.7 views

Important: Red Hat Security Advisory: buildah security update

An update for buildah is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS7.1AI score0.00591EPSS
Exploits3References5
Rows per page
Query Builder