54 matches found
RUSTSEC-2026-0125 Signature Verification on AVX2 Platforms Mishandles Edge Case
The AVX2 implementation of ML-DSA verification incorrectly implemented the usehint function, mishandling an edge case that should lead to signature rejection. Impact An attacker could make the ML-DSA verifier accept a crafted invalid signature under a maliciously generated verification key, if th...
MiracleLinux 4 : bind-9.8.2-0.37.7.0.1.rc1.AXS4 (AXSA:2016-143:02)
"The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-143:02 advisory. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves ho...
MiracleLinux 7 : bind-9.9.4-29.3.0.1.el7.AXS7 (AXSA:2016-142:02)
"The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-142:02 advisory. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves ho...
GnuPG: Arbitrary Code Execution
Background The GNU Privacy Guard, GnuPG, is a free replacement for the PGP suite of cryptographic software. Description A vulnerability has been discovered in GnuPG's armor parser. Impact A remote attacker could entice a user or automated system to process a specially crafted signature file,...
EUVD-2018-10238
Malware in sbrugna...
EUVD-2016-0095
Malware in sbrugna...
EUVD-2015-5785
Malware in sbrugna...
EUVD-2015-3452
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-15834
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In radare2 before 2.9.0, a heap overflow vulnerability exists in the readmodulereferencedfunctions function in libr/anal/flirt.c via a crafted flirt signature...
CVE-2025-31355
A firmware update vulnerability exists in the Firmware Signature Validation functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted malicious file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...
SUSE CVE-2012-4912
Cross-site scripting XSS vulnerability in the WebAccess component in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to inject arbitrary web script or HTML via a crafted signature in an HTML e-mail message...
CVE-2024-30172
A flaw was found in the Bouncy Castle Java Cryptography APIs. Affected versions of this package are vulnerable to an Infinite loop issue in ED25519 verification in the ScalarUtil class. This flaw allows an attacker to send a malicious signature and public key to trigger a denial of service...
SUSE CVE-2024-30172
An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key...
Bouncy Castle crafted signature and public key can be used to trigger an infinite loop
An issue was discovered in Bouncy Castle Java Cryptography APIs starting in 1.73 and before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key...
CVE-2024-30172
An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key...
DEBIAN-CVE-2024-30172
An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key...
UBUNTU-CVE-2024-30172
An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key...
Bouncy Castle crafted signature and public key can be used to trigger an infinite loop
An issue was discovered in Bouncy Castle Java Cryptography APIs starting in 1.73 and before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key...
CVE-2024-30172
CVE-2024-30172 refers to a vulnerability in Bouncy Castle Java Cryptography APIs prior to 1.78 where an Ed25519 verification path can enter an infinite loop when processing a crafted signature and public key. The connected IBM security bulletin confirms the same CVE-ID and recommends upgrading to...
K62012529: BIND vulnerability CVE-2016-1286
Security Advisory Description named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted signature record for a DNAME record, related to db.c and resolver.c. CVE-2016-1286 Impact An attacke...