|
1421
|
7.5 |
HIGH
Network
|
p11-kit_project
redhat
|
p11-kit
hardened_images
enterprise_linux
|
A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the C_DeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters se…
|
CWE-824
Access of Uninitialized Pointer
|
CVE-2026-2100
|
2026-04-25 11:16 |
2026-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1422
|
7.5 |
HIGH
Network
|
p11-kit_project
redhat
|
p11-kit
hardened_images
enterprise_linux
|
Se encontró una falla en p11-kit. Un atacante remoto podría explotar esta vulnerabilidad al llamar a la función C_DeriveKey en un token remoto con parámetros específicos del mecanismo de derivación I…
|
CWE-824
Access of Uninitialized Pointer
|
CVE-2026-2100
|
2026-04-25 11:16 |
2026-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1423
|
7.8 |
HIGH
Local
|
-
|
-
|
A flaw was found in libssh. This vulnerability allows local man-in-the-middle attacks, security downgrades of SSH (Secure Shell) connections, and manipulation of trusted host information, posing a si…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2025-14821
|
2026-04-25 09:16 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1424
|
- |
|
-
|
-
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
|
-
|
CVE-2026-6175
|
2026-04-25 08:16 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1425
|
6.5 |
MEDIUM
Network
|
-
|
-
|
The API function `ssh_get_hexa()` is vulnerable, when 0-lenght
input is provided to this function. This function is used internally
in `ssh_get_fingerprint_hash()` and `ssh_print_hexa()` (deprecated)…
|
CWE-124
Buffer Underflow
|
CVE-2026-0966
|
2026-04-25 08:16 |
2026-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1426
|
6.5 |
MEDIUM
Network
|
-
|
-
|
La función API 'ssh_get_hexa()' es vulnerable cuando se proporciona una entrada de longitud 0 a esta función. Esta función se utiliza internamente en 'ssh_get_fingerprint_hash()' y 'ssh_print_hexa()'…
|
CWE-124
Buffer Underflow
|
CVE-2026-0966
|
2026-04-25 08:16 |
2026-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1427
|
3.7 |
LOW
Network
|
-
|
-
|
A flaw was found in glib. Missing validation of offset and count parameters in the g_buffered_input_stream_peek() function can lead to an integer overflow during length calculation. When specially cr…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-0988
|
2026-04-25 06:16 |
2026-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1428
|
3.7 |
LOW
Network
|
-
|
-
|
Se encontró una vulnerabilidad en glib. La falta de validación de los parámetros offset y count en la función g_buffered_input_stream_peek() puede conducir a un desbordamiento de entero durante el cá…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-0988
|
2026-04-25 06:16 |
2026-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1429
|
6.5 |
MEDIUM
Network
|
linuxfoundation
|
tekton_pipelines
|
Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. From 1.0.0 to 1.10.0, the Tekton Pipelines git resolver in API mode sends the system-configured Git API toke…
|
CWE-201
NVD-CWE-noinfo
Insertion of Sensitive Information Into Sent Data
|
CVE-2026-40161
|
2026-04-25 05:55 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1430
|
7.5 |
HIGH
Network
|
signalk
|
signal_k_server
|
Signal K Server is a server application that runs on a central hub in a boat. Versions prior to 2.25.0 are vulnerable to an unauthenticated Regular Expression Denial of Service (ReDoS) attack within …
|
CWE-400
CWE-1333
Uncontrolled Resource Consumption
Inefficient Regular Expression Complexity
|
CVE-2026-39320
|
2026-04-25 05:51 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
