CVE-2026-22705

RustCrypto: Signatures offers support for digital signatures, which provide authentication of data using public-key cryptography. Prior to version 0.1.0-rc.2, a timing side-channel was discovered in the Decompose algorithm which is used during ML-DSA signing to generate hints for the signature...

CVE-2026-22705

creationtimestamp| type| source ---|---|--- 2026-01-10 08:01:06+00:00| published-proof-of-concept| Telegram/WQqRawnFxdQj2C7QSZvJhJYu2ip6AHddUppaVRsAsIpfVRo 2026-01-10 08:40:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mc2mffgb2d2e 2026-01-24 21:25:36+00:00| seen|...

CVE-2026-22705 RustCrypto: Signatures has timing side-channel in ML-DSA decomposition

RustCrypto: Signatures offers support for digital signatures, which provide authentication of data using public-key cryptography. Prior to version 0.1.0-rc.2, a timing side-channel was discovered in the Decompose algorithm which is used during ML-DSA signing to generate hints for the signature...

ap-proxy-client (>=0.3.0 <=0.8.0), ap-proxy-protocol (>=0.3.0 <=0.8.0) +2 more potentially affected by CVE-2026-22705 via ml-dsa (=0.0.4)

ml-dsa CARGO version =0.0.4 is affected by a known vulnerability. The following packages have a transitive dependency on ml-dsa and may be impacted: - ap-proxy-client =0.3.0, =0.3.0, =0.1.0, =0.0.1-pre.0, =0.0.12 Source cves: CVE-2026-22705 Source advisory: OSV:RUSTSEC-2025-0144...

CVE-2025-22705

Cross-Site Request Forgery CSRF vulnerability in godthor Disqus Popular Posts disqus-popular-posts allows Reflected XSS.This issue affects Disqus Popular Posts: from n/a through = 2.1.1...

CVE-2025-22705

Cross-Site Request Forgery CSRF vulnerability in godthor Disqus Popular Posts disqus-popular-posts allows Reflected XSS.This issue affects Disqus Popular Posts: from n/a through = 2.1.1...

CVE-2025-22705 WordPress Disqus Popular Posts plugin <= 2.1.1 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery CSRF vulnerability in godthor Disqus Popular Posts disqus-popular-posts allows Reflected XSS.This issue affects Disqus Popular Posts: from n/a through = 2.1.1...

CVE-2025-22705

CVE-2025-22705 : A CSRF vulnerability in WordPress plugin Disqus Popular Posts (versions

Ubuntu: Security Advisory (USN-6724-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-6724-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-30338

Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious...

CVE-2024-30338 Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability

Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious...

CVE-2024-30338 Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability

Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious...

CVE-2024-30338

CVE-2024-30338 is a Foxit PDF Reader Use-After-Free vulnerability in the handling of Doc objects. The flaw stems from not validating the existence of a Doc object before performing operations, enabling an attacker to execute code in the current process. Exploitation requires user interaction (e.g...

CVE-2024-22705 affecting package kernel for versions less than 5.15.148.1-1

CVE-2024-22705 affecting package kernel for versions less than 5.15.148.1-1. A patched version of the package is available...

CVE-2024-22705

creationtimestamp| type| source ---|---|--- 2024-01-23 12:31:12+00:00| seen| https://t.me/ctinow/171902 2024-01-24 16:16:22+00:00| seen| https://t.me/ctinow/172882 2024-02-17 07:36:24+00:00| seen| https://t.me/ctinow/186802...

CVE-2024-22705

The CVE CVE-2024-22705 affects ksmbd in the Linux kernel prior to 6.6.10. It is caused by an issue in smb2_get_data_area_len (fs/smb/server/smb2misc.c) where the relationship between Name data and CreateContexts data can lead to an out-of-bounds access in smb_strndup_from_utf16. This is a local i...

CVE-2024-22705

An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2getdataarealen in fs/smb/server/smb2misc.c can cause an smbstrndupfromutf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled...

CVE-2024-22705

An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2getdataarealen in fs/smb/server/smb2misc.c can cause an smbstrndupfromutf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled...

CVE-2024-22705

An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2getdataarealen in fs/smb/server/smb2misc.c can cause an smbstrndupfromutf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled...