Lucene search
K

16 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 6:11 a.m.8 views

Security Bulletin: IBM Maximo Application Suite uses net/http 1.23.4,1.24.2,1.24.3,crypto/x509 1.24.2,1.24.3 which is vulnerable to CVE-2025-4673, CVE-2025-22874.

Summary IBM Maximo Application Suite uses net/http 1.23.4,1.24.2,1.24.3, crypto/x509 1.24.2,1.24.3 which is vulnerable to CVE-2025-4673,CVE-2025-22874. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-4673 DESCRIPTION:...

7.5CVSS5.4AI score0.0056EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.5 views

TencentOS Server 3: go-toolset:rhel8 (TSSA-2025:0556)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0556 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

6.8CVSS6.5AI score0.0056EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/10/24 12:0 a.m.5 views

EulerOS 2.0 SP13 : golang (EulerOS-SA-2025-2292)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.CVE-2025-4673...

6.8CVSS6.5AI score0.0056EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/21 2:44 p.m.13 views

Security Bulletin: Multiple vulnerabilities in IBM Observability with Instana (OnPrem)

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana OnPrem build 1.0.305 Vulnerability Details CVEID:CVE-2025-0913 DESCRIPTION: os.OpenFilepath, os.OCREATE|OEXCL behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix...

9.8CVSS7.2AI score0.01735EPSS
Exploits3Affected Software1
Rockylinux
Rockylinux
added 2025/10/10 5:50 a.m.6 views

opentelemetry-collector security update

An update is available for opentelemetry-collector. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Collector with the supported components for a Rocky Enterpris...

6.8CVSS6.8AI score0.0056EPSS
Exploits0
Rockylinux
Rockylinux
added 2025/10/03 7:56 p.m.6 views

opentelemetry-collector security update

An update is available for opentelemetry-collector. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Collector with the supported components for a Rocky Enterpri...

6.8CVSS7.4AI score0.0056EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/09/23 8:27 a.m.4 views

Moderate: Red Hat Security Advisory: opentelemetry-collector security update

An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

6.8CVSS6.7AI score0.0056EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/09/12 12:0 a.m.7 views

openSUSE Security Advisory (SUSE-SU-2025:03159-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS6.8AI score0.00724EPSS
Exploits3References16
OSV
OSV
added 2025/08/13 8:6 p.m.6 views

CLSA-2025-1755115606 golang: Fix of CVE-2025-4673

CVE-2025-4673: remove Proxy-Authorization and Proxy-Authenticate headers from cross-origin redirects to prevent sensitive information leakage...

6.8CVSS6.8AI score0.0056EPSS
Exploits0References1
Rockylinux
Rockylinux
added 2025/07/29 1:38 p.m.4 views

go-toolset:rhel8 security update

An update is available for module.go-toolset, golang, module.delve, go-toolset, module.golang, delve. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Go Toolset...

6.8CVSS6.9AI score0.0056EPSS
Exploits0
Amazon
Amazon
added 2025/07/10 12:0 a.m.5 views

Medium: soci-snapshotter

Issue Overview: Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. CVE-2025-4673 Affected Packages: soci-snapshotter Note: This advisory is applicable to Amazon Linux 2 - Docker Extra. Visit this page to learn more abo...

6.8CVSS7AI score0.0056EPSS
Exploits0
Amazon
Amazon
added 2025/07/10 12:0 a.m.6 views

Medium: oci-add-hooks

Issue Overview: Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. CVE-2025-4673 Affected Packages: oci-add-hooks Note: This advisory is applicable to Amazon Linux 2 - Nitro-enclaves Extra. Visit this page to learn mor...

6.8CVSS7AI score0.0056EPSS
Exploits0
Amazon
Amazon
added 2025/07/10 12:0 a.m.3 views

Medium: runfinch-finch

Issue Overview: Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon. CVE-2025-22874 Proxy-Authorization and Proxy-Authenticate headers...

7.5CVSS6.8AI score0.0056EPSS
Exploits0
OSV
OSV
added 2025/07/04 2:43 p.m.7 views

OESA-2025-1742 golang security update

. Security Fixes: Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.CVE-2025-4673...

6.8CVSS7AI score0.0056EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2025/06/26 8:22 a.m.4 views

Security update for go1.24-openssl

This update for go1.24-openssl fixes the following issues: Update to version 1.24.4 bsc1236217: CVE-2025-22874 crypto/x509: ExtKeyUsageAny bypasses policy validation bsc1244158. CVE-2025-0913 os: inconsistent handling of OCREATE|OEXCL on Unix and Windows bsc1244157. CVE-2025-4673 net/http:...

8.9CVSS7.2AI score0.0056EPSS
Exploits0References16
Amazon
Amazon
added 2025/06/24 12:0 a.m.4 views

Medium: amazon-cloudwatch-agent

Issue Overview: The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result i...

7.5CVSS7.1AI score0.0056EPSS
Exploits0
Rows per page
Query Builder