51 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-1858
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wget2 accepts a server certificate with incorrect Key Usage KU or Extended Key Usage EKU. If the attackers compromise a certificate with the associated private...
SUSE CVE-2026-1858
wget2 accepts a server certificate with incorrect Key Usage KU or Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...
CVE-2026-1858
A flaw was found in wget2. This vulnerability allows a remote attacker, who has compromised a server certificate, to reuse it for Transport Layer Security TLS server authentication, even if the certificate was issued for a different purpose. This improper validation enables the attacker to...
CVE-2026-1858
wget2 accepts a server certificate with incorrect Key Usage KU or Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...
UBUNTU-CVE-2026-1858
wget2 accepts a server certificate with incorrect Key Usage KU or Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...
CVE-2026-1858
wget2 accepts a server certificate with incorrect Key Usage KU or Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...
CVE-2026-1858 wget2 Improper Certificate Validation
wget2 accepts a server certificate with incorrect Key Usage KU or Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...
CVE-2026-1858 wget2 Improper Certificate Validation
wget2 accepts a server certificate with incorrect Key Usage KU or Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...
CVE-2026-1858
wget2 accepts a server certificate with incorrect Key Usage KU or Extended Key Usage EKU. If the attackers compromise a certificate with the associated private key issued for a different purpose, they may be able to reuse it for TLS server authentication...
wget2 输入验证错误漏洞
wget2 is a network file retrieval tool from the American GNU community that supports high-performance concurrent downloads and modern protocol features. wget2 has a vulnerability related to input validation. This vulnerability arises from accepting server certificates with incorrect key purposes ...
openSUSE 16 Security Update : wget2 (openSUSE-SU-2026:20038-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20038-1 advisory. Changes in wget2: - Update to release 2.2.1 Fix file overwrite issue with metalink CVE-2025-69194 bsc1255728 Fix remote buffer overflow in...
OPENSUSE-SU-2026:20038-1 Security update for wget2
This update for wget2 fixes the following issues: Changes in wget2: - Update to release 2.2.1 Fix file overwrite issue with metalink CVE-2025-69194 bsc1255728 Fix remote buffer overflow in getlocalfilenamereal CVE-2025-69195 bsc1255729 Fix a redirect/mirror regression from 400713ca Use the local...
Mageia: Security Advisory (MGASA-2026-0002)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2026-28b0f7bd35)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Wget2: arbitrary file write via metalink path traversal in gnu wget2
...
Updated wget2 packages fix security vulnerability
Arbitrary File Write via Metalink Path Traversal in GNU Wget2. CVE-2025-69194...
MGASA-2026-0002 Updated wget2 packages fix security vulnerability
Arbitrary File Write via Metalink Path Traversal in GNU Wget2. CVE-2025-69194...
Fedora 42 : wget2 (2026-28b0f7bd35)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-28b0f7bd35 advisory. New version 2.2.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...
AZL-73904 CVE-2025-69195 affecting package wget for versions less than 2.1.0-7
A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. A remote attacker can exploit this by providing a specially crafted...
CVE-2025-69195
A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. A remote attacker can exploit this by providing a specially crafted...