CVE-2026-2379 Arista EOS IPsec Tunnel Sequence Number Mismatch via Interface Flaps when Anti-Replay is Disabled

On affected platforms with hardware IPSec support running Arista EOS with certain IPsec features enabled, EOS may exhibit unexpected behavior in specific cases. Physical interface flaps and certain agent restarts can cause IPsec tunnel re-establishment with existing Security Associations, resulti...

CVE-2026-2379 Arista EOS IPsec Tunnel Sequence Number Mismatch via Interface Flaps when Anti-Replay is Disabled

On affected platforms with hardware IPSec support running Arista EOS with certain IPsec features enabled, EOS may exhibit unexpected behavior in specific cases. Physical interface flaps and certain agent restarts can cause IPsec tunnel re-establishment with existing Security Associations, resulti...

CVE-2026-2379

The CVE-2026-2379 issue affects Arista EOS on hardware IPSec platforms where anti-replay is disabled. When IPsec is enabled, specific events (physical interface flaps or certain agent restarts) can trigger IPsec tunnel re-establishment using existing SAs, causing sequence number mismatches betwee...

JLSEC-2026-249 Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when...

Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in...

CVE-2026-23440

CVE-2026-23440 is a Linux kernel vulnerability in the net/mlx5e IPSec ESN update path. A race condition could cause the ESN wrap event to be processed twice: after validating the event, the driver updates the kernel xfrm state and the lock is temporarily released, risking incorrect ESN high-order...

CVE-2026-23440

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix race condition during IPSec ESN update In IPSec full offload mode, the device reports an ESN Extended Sequence Number wrap event to the driver. The driver validates this event by querying the IPSec ASO and checking...

CVE-2025-65552

D3D Wi-Fi Home Security System ZX-G12 v2.1.1 is vulnerable to RF replay attacks on the 433 MHz sensor communication channel. The system does not implement rolling codes, message authentication, or anti-replay protection, allowing an attacker within RF range to record valid alarm/control frames an...

CVE-2025-65552

D3D Wi-Fi Home Security System ZX-G12 v2.1.1 is vulnerable to RF replay attacks on the 433 MHz sensor communication channel. The system does not implement rolling codes, message authentication, or anti-replay protection, allowing an attacker within RF range to record valid alarm/control frames an...

CVE-2025-65552

D3D Wi-Fi Home Security System ZX-G12 v2.1.1 is vulnerable to RF replay attacks on the 433 MHz sensor communication channel. The system does not implement rolling codes, message authentication, or anti-replay protection, allowing an attacker within RF range to record valid alarm/control frames an...

D3D ZX-G12 安全漏洞

D3D ZX-G12 is a multi-functional smart home security alarm system from D3D India. A security vulnerability exists in D3D ZX-G12 v2.1.1, which stems from the lack of rolling code and anti-replay protection in the 433 MHz sensor communication channel, which could lead to a replay attack triggering ...

CVE-2025-65552

D3D Wi-Fi Home Security System ZX-G12 v2.1.1 is vulnerable to RF replay attacks on the 433 MHz sensor communication channel. The system does not implement rolling codes, message authentication, or anti-replay protection, allowing an attacker within RF range to record valid alarm/control frames an...

CVE-2025-65552

Vulnerability summary (CVE-2025-65552): D3D Wi‑Fi Home Security System ZX‑G12, version 2.1.1, is vulnerable due to lack of rolling codes, message authentication, and anti‑replay protection on the 433 MHz sensor channel. An attacker within RF range can record valid alarm/control frames and replay ...

PT-2026-2268

Name of the Vulnerable Software and Affected Versions D3D Wi-Fi Home Security System ZX-G12 version 2.1.1 Description The D3D Wi-Fi Home Security System ZX-G12 version 2.1.1 is susceptible to RF replay attacks on the 433 MHz sensor communication channel. The system lacks essential security measur...

EUVD-2013-5388

Malware in sbrugna...

EUVD-2025-16312

Malicious code in bioql PyPI...

EUVD-2025-25624

Malicious code in bioql PyPI...

EUVD-2016-3266

Malicious code in bioql PyPI...

CVE-2025-57801

gnark is a zero-knowledge proof system framework. In versions prior to 0.14.0, the Verify function in eddsa.go and ecdsa.go used the S value from a signature without asserting that 0 ≤ S order, leading to a signature malleability vulnerability. Because gnark’s native EdDSA and ECDSA circuits lack...

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to missing scalar checks in the Verify and prepareVerification functions. An attacker can produce multiple valid signatures for the same message by manipulating the S value in EdDSA a...

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to missing scalar checks in the Verify and prepareVerification functions. An attacker can produce multiple valid signatures for the same message by manipulating the S value in EdDSA a...