Post-quantum X509 Signature Algorithms

This plugin detects which post-quantum TLS signature algorithms are supported by the remote service. TRUSTED...

Target Cipher Inventory

This plugin collects cryptographic ciphers and algorithms discovered during the scan as a machine parsable JSON file attachment. TRUSTED...

AMS Development GAMS 安全漏洞

AMS Development GAMS is an algebraic modeling system from AMS Development India. AMS Development GAMS suffers from a security vulnerability that stems from checksums and the use of insecure algorithms that could lead to the generation of an unlimited valid license...

Security update for helm

This update for helm fixes the following issues: Update to version 3.19.1 CVE-2025-53547: Fixed local code execution in Helm Chart. bsc1246152 CVE-2025-58190: Fixed excessive memory consumption by html.ParseFragment when processing specially crafted input. bsc1251649 CVE-2025-47911: Fixed various...

PT-2025-47822

Name of the Vulnerable Software and Affected Versions versions prior to 2.3 Description With TLS 1.2 connections, a client can utilize any digest algorithm, including weaker ones that are supported, instead of adhering to the digests specified in the CertificateRequest. Recommendations At the...

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to loss of confidentiality [CVE-2025-1993]

Summary IBM App Connect Enterprise Certified Container DesignerAuthoring instances store their flows in a database that is protected by weaker than expected cryptographic algorithms that could be decrypted by a local user. This bulletin provides patch information to address the vulnerability in I...

Desktop Alert Unspecified Vulnerability in PingAlert (CNVD-2025-29434)

Desktop Alert PingAlert is a network status monitoring tool developed by DesktopAlert, Inc. and is mainly used to monitor the status of network devices in real time and send alerts. An unspecified vulnerability exists in Desktop Alert PingAlert, which arises from the presence of corrupt or insecu...

Siemens SIMATIC S7-1500 Double Free (CVE-2023-25136)

OpenSSH server sshd 9.1 introduced a double-free vulnerability during options.kexalgorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One...

Siemens SIMATIC S7-1500 Incorrect Type Conversion or Cast (CVE-2020-10735)

A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using inttext, a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits float, decimal, int.frombytes, and int for binary bases 2, 4, 8, 16, and 32 are not...

Botan C++ Crypto Algorithms Library 3.10.0

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS 10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to...

SoK: Systematizing a Decade of Architectural RowHammer Defenses through the Lens of Streaming Algorithms

A decade after its academic introduction, RowHammer RH remains a moving target that continues to challenge both the industry and academia. With its potential to serve as a critical attack vector, the ever-decreasing RH threshold now threatens DRAM process technology scaling, with a superlinearly...

[SECURITY] Fedora 42 Update: GeographicLib-2.5.2-1.fc42

GeographicLib is a small set of C++ classes for performing conversions between geographic, UTM, UPS, MGRS, geocentric, and local Cartesian coordinates, for gravity e.g., EGM2008, geoid height and geomagnetic field e.g., WMM2010 calculations, and for solving geodesic problems. The emphasis is on...

CVE-2025-40063 crypto: comp - Use same definition of context alloc and free ops

In the Linux kernel, the following vulnerability has been resolved: crypto: comp - Use same definition of context alloc and free ops In commit 42d9f6c77479 "crypto: acomp - Move scomp stream allocation code into acomp", the cryptoacompstreams struct was made to rely on having the allocctx and...

[SECURITY] Fedora 41 Update: openssl-3.2.6-2.fc41

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...

SUSE CVE-2023-53684

In the Linux kernel, the following vulnerability has been resolved: xfrm: Zero padding when dumping algos and encap When copying data to user-space we should ensure that only valid data is copied over. Padding in structures may be filled with random possibly sensitve data and should never be give...

CVE-2023-53684

In the Linux kernel, the following vulnerability has been resolved: xfrm: Zero padding when dumping algos and encap When copying data to user-space we should ensure that only valid data is copied over. Padding in structures may be filled with random possibly sensitve data and should never be give...

UBUNTU-CVE-2023-53684

In the Linux kernel, the following vulnerability has been resolved: xfrm: Zero padding when dumping algos and encap When copying data to user-space we should ensure that only valid data is copied over. Padding in structures may be filled with random possibly sensitve data and should never be give...

CVE-2023-53684 xfrm: Zero padding when dumping algos and encap

In the Linux kernel, the following vulnerability has been resolved: xfrm: Zero padding when dumping algos and encap When copying data to user-space we should ensure that only valid data is copied over. Padding in structures may be filled with random possibly sensitve data and should never be give...

CVE-2023-53684

In the Linux kernel, the following vulnerability has been resolved: xfrm: Zero padding when dumping algos and encap When copying data to user-space we should ensure that only valid data is copied over. Padding in structures may be filled with random possibly sensitve data and should never be give...

CVE-2023-53684 xfrm: Zero padding when dumping algos and encap

In the Linux kernel, the following vulnerability has been resolved: xfrm: Zero padding when dumping algos and encap When copying data to user-space we should ensure that only valid data is copied over. Padding in structures may be filled with random possibly sensitve data and should never be give...