Lucene search
K

2126 matches found

OSV
OSV
added 2026/05/29 7:39 p.m.7 views

GHSA-HPV4-5H6F-WQR3 russh server userauth state is not reset when authentication principal changes

Summary The russh server authentication path keeps internal userauth state across SSHMSGUSERAUTHREQUEST messages without separating that state when the request principal changes. RFC 4252 allows the user name and service name fields to change between authentication requests. The issue is not that...

5.3CVSS5.8AI score0.00218EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/29 7:39 p.m.18 views

russh server userauth state is not reset when authentication principal changes

Summary The russh server authentication path keeps internal userauth state across SSHMSGUSERAUTHREQUEST messages without separating that state when the request principal changes. RFC 4252 allows the user name and service name fields to change between authentication requests. The issue is not that...

5.3CVSS5.8AI score0.00218EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/21 1:24 p.m.9 views

CVE-2026-44053

A flaw was found in Netatalk. Weak cryptography in the dhcast128 User Authentication Module UAM allows a remote attacker to potentially compromise the confidentiality and integrity of data. This vulnerability could enable unauthorized access to sensitive information or allow for the manipulation ...

7.4CVSS5.6AI score0.00301EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/21 7:34 a.m.38 views

CVE-2026-44053 Weak cryptography in DHCAST128 UAM

Netatalk 1.5.0 through 4.2.2 uses a broken cryptographic algorithm in the DHCAST128 UAM, which allows a remote attacker to obtain authentication credentials or impersonate a user via cryptanalytic attack...

7.4CVSS0.00301EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/21 7:34 a.m.11 views

EUVD-2026-31232

Netatalk 1.5.0 through 4.2.2 uses a broken cryptographic algorithm in the DHCAST128 UAM, which allows a remote attacker to obtain authentication credentials or impersonate a user via cryptanalytic attack...

7.4CVSS5.8AI score0.00301EPSS
Exploits0References1
CVE
CVE
added 2026/05/21 7:34 a.m.20 views

CVE-2026-44053

Netatalk 1.5.0–4.2.2 uses weak cryptography in the DHCAST128 UAM, enabling remote credential theft or user impersonation. The issue is fixed in Netatalk 4.5.0. Affected products: Netatalk 1.5.0–4.2.2; vulnerability: weak cryptographic algorithm in DHCAST128 UAM; impact: confidentiality and integr...

7.4CVSS5.8AI score0.00301EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.13 views

PT-2026-42109

Name of the Vulnerable Software and Affected Versions memcached versions prior to 1.6.42 Description Username data for SASL password database authentication contains a timing side channel. This occurs because the sasl server userdb checkpass function utilizes a loop that terminates immediately up...

8.1CVSS5.8AI score0.01312EPSS
Exploits0References42
OSV
OSV
added 2026/05/16 1:36 a.m.7 views

CLSA-2026-1778895374 Fix CVE(s): CVE-2026-7598

SECURITY UPDATE: Fix integer overflow in userauthpassword usernamelen/passwordlen bounds checks - debian/patches/CVE-2026-7598.patch: Fix integer overflow in userauthpassword usernamelen/passwordlen bounds checks - CVE-2026-7598...

9.1CVSS5.9AI score0.00466EPSS
Exploits0References1
OSV
OSV
added 2026/05/12 4:18 p.m.4 views

CLSA-2026-1778602690 Fix CVE(s): CVE-2026-7598

SECURITY UPDATE: fix integer overflow in usernamelen bounds checks across userauthlist, userauthpassword and password change paths in src/userauth.c - debian/patches/CVE-2026-7598.patch: fix integer overflow in usernamelen bounds checks across userauthlist, userauthpassword and password change...

9.1CVSS7.2AI score0.00466EPSS
Exploits0References1
Nextcloud
Nextcloud
added 2026/05/12 9:12 a.m.17 views

Authentication Bypass in ID4me handling via Missing JWT Signature Verification in User OIDC

None...

8.1CVSS5.8AI score0.00329EPSS
Exploits1References2Affected Software1
Nextcloud
Nextcloud
added 2026/05/12 9:8 a.m.12 views

Wrong condition in the User OIDC app's LdapService allowed deleted LDAP users to authenticate

None...

8.8CVSS5.8AI score0.00193EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/08 7:21 p.m.9 views

CVE-2026-7598

A flaw was found in the libssh2 library. A remote attacker can exploit an integer overflow vulnerability in the userauthpassword function by manipulating the usernamelen or passwordlen arguments and cause a heap-based buffer overflow. This leads to a crash to the application linked to the library...

9.1CVSS7.6AI score0.00466EPSS
Exploits0References9
OSV
OSV
added 2026/05/07 10:31 p.m.5 views

GHSA-V7QW-HX66-4W9X netbox-data-flows has stored XSS in ObjectAlias names rendered inside DataFlow tables

Summary An authenticated user who can create or edit ObjectAlias objects can store arbitrary HTML/JavaScript in an alias name. That payload is later rendered unescaped in DataFlow table views, causing a stored XSS when another user views the affected page. Details The issue is caused by unsafe HT...

8.7CVSS5.9AI score
Exploits0References2
EUVD
EUVD
added 2026/05/06 9:31 p.m.10 views

EUVD-2026-27879

A buffer overflow vulnerability in the User-ID™ Authentication Portal aka Captive Portal service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. T...

9.3CVSS6.6AI score0.32074EPSS
Exploits6References3
ATTACKERKB
ATTACKERKB
added 2026/05/04 5:30 p.m.7 views

CVE-2026-42092

titra is an open source time tracking project. In version 0.99.52, the globalsettings Meteor publication returns all global settings without any admin or role check. Any authenticated user can subscribe via DDP and receive sensitive configuration fields such as googlesecret, openaiapikey, and...

6.5CVSS5.8AI score0.00219EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/01 9:30 p.m.43 views

CVE-2026-7598 libssh2 userauth.c userauth_password integer overflow

A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauthpassword of the file src/userauth.c. Such manipulation of the argument usernamelen/passwordlen leads to integer overflow. The attack may be launched remotely. The name of the patch is...

7.5CVSS0.00466EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/05/01 9:30 p.m.4 views

CVE-2026-7598 libssh2 userauth.c userauth_password integer overflow

A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauthpassword of the file src/userauth.c. Such manipulation of the argument usernamelen/passwordlen leads to integer overflow. The attack may be launched remotely. The name of the patch is...

7.5CVSS7AI score0.00466EPSS
Exploits0References6
CVE
CVE
added 2026/05/01 9:30 p.m.134 views

CVE-2026-7598

CVE-2026-7598 affects libssh2 up to 1.11.1. The vulnerability resides in userauth_password in src/userauth.c, where manipulation of username_len/password_len can trigger an integer overflow in the SSH USERAUTH_REQUEST buffer. Exploitation is described as potentially remote. A patch is available (...

9.1CVSS7AI score0.00466EPSS
Exploits0References11Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.7 views

PT-2026-36550

Name of the Vulnerable Software and Affected Versions libssh2 versions prior to 1.11.2 Description An integer overflow exists in the userauth password function within the src/userauth.c file. This issue occurs due to the incorrect handling of the username len and password len arguments during SSH...

7.5CVSS7.2AI score0.00466EPSS
Exploits0References34
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.8 views

libssh2 数字错误漏洞

libssh2 is The libssh2 project open source a client C library that implements the SSH2 protocol , it can execute remote commands , file transfers , as well as for remote programs to provide a secure transmission channel . libssh2 1.11.1 and earlier versions of the number error vulnerability , the...

7.5CVSS7.3AI score0.00466EPSS
Exploits0References1
Rows per page
Query Builder