Lucene search
+L

193 matches found

cvelist
cvelist
added 2026/07/09 7:23 a.m.33 views

CVE-2026-31985 Disabled and non-configurable TLS certificate validation in n2os-tui when connecting the Remote Collector to a Guardian or CMC, in Remote Collector before v26.2.0

When the upstream Guardian or CMC was configured in the Remote Collector via n2os-tui, the generated configuration disabled TLS certificate verification, and no option was provided to enable it. A malicious actor could perform a man-in-the-middle attack and intercept the communication between the...

8.3CVSS0.00121EPSS
Exploits0References1
fedora
fedora
added 2026/07/07 12:51 a.m.9 views

[SECURITY] Fedora 44 Update: podman-tui-1.11.3-1.fc44

podman-tui is a terminal user interface for Podman. podman-tui is using podman.socket service to communicate with podman environm ent and SSH to connect to remote podman machines...

9.1CVSS6.9AI score0.00651EPSS
Exploits1
nozomi
nozomi
added 2026/07/07 12:0 a.m.5 views

Disabled and non-configurable TLS certificate validation in n2os-tui when connecting the Remote Collector to a Guardian or CMC, in Remote Collector before v26.2.0

Summary When the upstream Guardian or CMC was configured in the Remote Collector via n2os-tui, the generated configuration disabled TLS certificate verification, and no option was provided to enable it. Impact A malicious actor could perform a man-in-the-middle attack and intercept the...

8.3CVSS6AI score0.00121EPSS
Exploits0Affected Software1
euvd
euvd
added 2026/07/04 11:30 a.m.8 views

EUVD-2026-41664

A security flaw has been discovered in NousResearch hermes-agent up to 0.15.2. The affected element is the function shell.exec of the file tuigateway/server.py. The manipulation results in protection mechanism failure. It is possible to launch the attack remotely. The exploit has been released to...

6.5CVSS6.2AI score0.00224EPSS
Exploits0References5
fedora
fedora
added 2026/06/29 1:11 a.m.8 views

[SECURITY] Fedora 43 Update: podman-tui-1.11.2-1.fc43

podman-tui is a terminal user interface for Podman. podman-tui is using podman.socket service to communicate with podman environm ent and SSH to connect to remote podman machines...

7.5CVSS6.7AI score0.00651EPSS
Exploits1
fedora
fedora
added 2026/06/29 12:58 a.m.6 views

[SECURITY] Fedora 44 Update: podman-tui-1.11.2-1.fc44

podman-tui is a terminal user interface for Podman. podman-tui is using podman.socket service to communicate with podman environm ent and SSH to connect to remote podman machines...

7.5CVSS6.7AI score0.00651EPSS
Exploits1
nessus
nessus
added 2026/06/29 12:0 a.m.8 views

Fedora 43 : podman-tui (2026-ac94948c8a)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ac94948c8a advisory. release 1.11.2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

7.5CVSS6.7AI score0.00651EPSS
Exploits1References4
nessus
nessus
added 2026/06/29 12:0 a.m.7 views

Fedora 44 : podman-tui (2026-c55ec73fe2)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c55ec73fe2 advisory. release 1.11.2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

7.5CVSS6.7AI score0.00651EPSS
Exploits1References4
github
github
added 2026/05/14 8:29 p.m.15 views

DeepSeek TUI has SSRF‌ IPV6 bypass

Summary Although SSRF is validated against hostnames that resolve to private IPv6 addresses, when providing the IPV6 in‌‌ URL‌ as http://::1, the SSRF defenses do not work. Details...

7.4CVSS5.8AI score0.00239EPSS
Exploits0References6Affected Software1
snyk
snyk
added 2026/05/14 8:29 p.m.25 views

Server-side Request Forgery (SSRF)

Overview deepseek-tui is an Install and run deepseek and deepseek-tui binaries from GitHub release artifacts. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the fetchurl process. An attacker can gain unauthorized access to internal resources by supplying ...

7.4CVSS5.8AI score0.00239EPSS
Exploits0References2
snyk
snyk
added 2026/05/14 8:29 p.m.36 views

Arbitrary Code Injection

Overview deepseek-tui is an Install and run deepseek and deepseek-tui binaries from GitHub release artifacts. Affected versions of this package are vulnerable to Arbitrary Code Injection via the runtests process. An attacker can execute arbitrary code by introducing malicious test code into a...

9.6CVSS6.2AI score0.00375EPSS
Exploits0References2
patchstack
patchstack
added 2026/05/14 8:29 p.m.9 views

NPM: DeepSeek TUI: run_tests Tool Enables RCE via Malicious Repository Without Approval

NPM: DeepSeek TUI: runtests Tool Enables RCE via Malicious Repository Without Approval vulnerability discovered by ? in WordPress Npm deepseek-tui versions = 0.3.0, 0.8.23...

9.6CVSS5.8AI score0.00375EPSS
Exploits0References3Affected Software1
snyk
snyk
added 2026/05/14 8:29 p.m.17 views

Server-side Request Forgery (SSRF)

Overview deepseek-tui is an Install and run deepseek and deepseek-tui binaries from GitHub release artifacts. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the fetchurl process. An attacker can access sensitive internal resources by supplying a URL that...

7.4CVSS5.8AI score0.00226EPSS
Exploits0References2
patchstack
patchstack
added 2026/05/14 8:29 p.m.10 views

NPM: DeepSeek TUI has SSRF via HTTP Redirect Bypass in fetch_url Tool

NPM: DeepSeek TUI has SSRF via HTTP Redirect Bypass in fetchurl Tool vulnerability discovered by ? in WordPress Npm deepseek-tui versions 0.8.22...

7.4CVSS5.8AI score0.00226EPSS
Exploits0References3Affected Software1
ossf
ossf
added 2026/03/20 3:31 p.m.13 views

Malicious code in tui-ascii-art (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4358458e150317ab394c6dd2d0137a8c395a32bae309cc1bfd829f123dab1393 These packages are used as build dependencies of malicious packages in newer waves of the campaign 2026-02-urllib-slim. They are used to split the malicious...

5.9AI score
Exploits0References1
vulnersosv
vulnersosv
added 2026/02/18 10:44 p.m.6 views

org.webjars.npm:github-com-nhn-tui-image-editor (=3.10.1), org.webjars.npm:tui-image-editor (=3.15.3) potentially affected by CVE-2026-27013 via org.webjars.npm:fabric (>=3.6.0 <=4.5.0)

org.webjars.npm:fabric MAVEN version =3.6.0, =4.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:fabric and may be impacted: - org.webjars.npm:github-com-nhn-tui-image-editor =3.10.1 - org.webjars.npm:tui-image-editor =3.15.3 Source...

7.6CVSS5.8AI score0.00281EPSS
Exploits1
packetstormnews
packetstormnews
added 2026/02/18 12:0 a.m.5 views

Aether Smart Contract Security Analysis Framework 4.7.1

Aether is a Python-based framework for analyzing Solidity smart contracts, generating vulnerability findings, producing Foundry-based proof-of-concept PoC tests, and validating exploits on mainnet forks. It combines Solidity AST parsing, taint analysis, control flow graph analysis, cross-contract...

5.5AI score
Exploits0
veeam
veeam
added 2025/12/15 12:0 a.m.32 views

How to Configure HTTP Proxy for Linux-based Veeam Components

Purpose This article documents how to configure HTTP and HTTPS Proxy settings for Linux-based components, including the Veeam Software Appliance and JeOS-deployed Veeam Infrastructure Appliances, in environments that require a proxy to access the internet. Note: For proxy configuration settings f...

6.1AI score
Exploits0Affected Software1
euvd
euvd
added 2025/11/12 7:18 p.m.3 views

EUVD-2025-137317

Malicious code in reion-tui-pix npm...

6.6AI score
Exploits0
euvd
euvd
added 2025/11/12 7:18 p.m.4 views

EUVD-2025-135675

Malicious code in teriu-tui-pix npm...

6.6AI score
Exploits0
Rows per page
Query Builder