Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.15 views

SUSE SLES15 Security Update : python-Django (SUSE-SU-2026:2318-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2318-1 advisory. This update for python-Django fixes the following issues - CVE-2026-6873: signed cookie salt namespace collision in...

5.3CVSS5.5AI score0.00359EPSS
Exploits0References16
OSV
OSV
added 2026/04/10 6:31 p.m.4 views

GHSA-6HG6-V5C8-FPHQ Apache Log4j Core: `verifyHostName` attribute silently ignored in TLS configuration

The fix for CVE-2025-68161 was incomplete: it addressed hostname verification only when enabled via the log4j2.sslVerifyHostName system property, but not when configured through the verifyHostName attribute of the element. Although the verifyHostName configuration attribute was introduced in Log4...

6.3CVSS5.8AI score0.00395EPSS
Exploits0References7
EUVD
EUVD
added 2026/04/10 6:31 p.m.4 views

EUVD-2026-21407

The fix for CVE-2025-68161 https://logging.apache.org/security.htmlCVE-2025-68161 was incomplete: it addressed hostname verification only when enabled via the log4j2.sslVerifyHostName https://logging.apache.org/log4j/2.x/manual/systemproperties.htmllog4j2.sslVerifyHostName system property, but no...

6.3CVSS6.6AI score0.00743EPSS
Exploits1References6
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.6 views

Astra Linux – Vulnerability in syslog-ng

syslog-ng is an enhanced logging daemon. Prior to version 4.8.2, the tlswildcardmatch function matched against certificates like foo..bar, although this is not allowed. It is also possible to pass partial wildcards, such as foo.ac.bar, which glib logs match, but this should be avoided/disabled...

7.5CVSS7.1AI score0.0031EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-5015

Malware in sbrugna...

4.3CVSS6AI score0.02599EPSS
Exploits0References24
RedHat Linux
RedHat Linux
added 2025/05/13 8:49 a.m.5 views

golang-fips: Golang FIPS zeroed buffer

A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted...

6.5CVSS5.8AI score0.00298EPSS
Exploits0References5
Rows per page
Query Builder