255 matches found
CVE-2025-55082
In NetX Duo versions before 6.4.4, a component of Eclipse Foundation ThreadX, there was a potential out-of-bounds read in _nx_secure_tls_process_clienthello because of a missing validation of the PSK length provided in the user message...
CVE-2025-55082 Potential out-of-bounds read and info leak in _nx_secure_tls_psk_identity_find()
In NetX Duo versions before 6.4.4, a component of Eclipse Foundation ThreadX, there was a potential out-of-bounds read in _nx_secure_tls_process_clienthello because of a missing validation of the PSK length provided in the user message...
EUVD-2025-34608
In Eclipse Foundation NetX Duo before 6.4.4, a module of ThreadX, the _nx_secure_tls_process_clienthello function was missing length verification of certain SSL/TLS client hello message fields: the ciphersuite length and compression method length. In case of an attacker-crafted message with values outside o...
Eclipse ThreadX NetX Duo Security Vulnerability
Eclipse ThreadX NetX Duo is an open-source dual IPv4 and IPv6 network stack for Eclipse ThreadX. A security vulnerability exists in Eclipse ThreadX NetX Duo versions prior to 6.4.4, which stems from a lack of validation of the cipher suite length and compression method length in SSL/TLS client...
EUVD-2014-9550
Malware in sbrugna...
EUVD-2015-1587
Malware in sbrugna...
EUVD-2015-6860
Malware in sbrugna...
EUVD-2014-3512
Malware in sbrugna...
EUVD-2015-7929
Malware in sbrugna...
EUVD-2018-4358
Malware in sbrugna...
EUVD-2024-34179
Malicious code in bioql PyPI...
EUVD-2024-21200
Malicious code in bioql PyPI...
EUVD-2023-27845
Malicious code in bioql PyPI...
CVE-2025-52494
AdaCore Ada Web Server (AWS) before 25.2 is vulnerable to a denial-of-service (DoS) condition due to improper handling of SSL handshakes during connection initialization. When a client initiates an HTTPS connection, the server performs the SSL handshake before assigning the connection to a processing...
An issue was discovered in Mbed TLS before 2.28.1 and 3.x before 3.2.0. In some configurations, an unauthenticated attacker can send an invalid ClientHello message to a DTLS server that causes a heap-based buffer over-read of up to 255 bytes. This can cause a server crash or possibly information disclosure based on error responses. Affected configurations have MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled and MBEDTLS_SSL_IN_CONTENT_LEN less than a threshold that depends on the configuration: 258 bytes if using mbedtls_ssl_cookie_check, and possibly up to 571 bytes with a custom cookie check function.
...
CVE-2025-52494
AdaCore Ada Web Server (AWS) before 25.2 is vulnerable to a denial-of-service (DoS) condition due to improper handling of SSL handshakes during connection initialization. When a client initiates an HTTPS connection, the server performs the SSL handshake before assigning the connection to a processing...
Linux Distros Unpatched Vulnerability : CVE-2024-11738
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service panic via a fragmented TLS ClientHello message. CVE-2024-11738...
CVE-2024-58254
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-11738. Reason: This candidate is a duplicate of CVE-2024-11738. Notes: All CVE users should reference CVE-2024-11738 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
PT-2025-28032 · Rustls · Rustls
Name of the Vulnerable Software and Affected Versions: rustls versions 0.23.13 through 0.23.17 Description: The issue allows a panic via a fragmented TLS ClientHello when rustls::server::Acceptor::accept is used. Recommendations: For rustls versions 0.23.13 through 0.23.17, update to version...
TLS Downgrade Attack
github.com/refraction-networking/utls is vulnerable to a TLS downgrade attack. The vulnerability is due to missing downgrade protection, caused by a failure to implement and verify the downgrade canary in TLS 1.3 handshakes when using a custom ClientHello spec, allowing an attacker to force a...