1033 matches found
UBUNTU-CVE-2026-46028
In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - snapshot IV for async AEAD requests AFALG AEAD AIO requests currently use the socket-wide IV buffer during request processing. For async requests, later socket activity can update that shared state before the...
Botan C++ Crypto Algorithms Library 3.12.0
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS 10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to...
[SECURITY] Fedora 42 Update: openssl-3.2.6-4.fc42
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...
MiracleLinux 8 : openssh-8.0p1-29.el8_10 (AXSA:2026-554:03)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-554:03 advisory. OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode CVE-2026-35385 OpenSSH: OpenSSH: Security bypass via...
CLSA-2026-1777633439 kernel: Fix of 142 CVEs
crypto: algifaead - Fix minimum RX size check for decryption CVE-2026-31431 - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl CVE-2026-31431 - crypto: authencesn - reject too-short AAD assoclen8 to match ESP/ESN spec CVE-2026-31431 - crypto: authencesn - Fix src offset when...
[SECURITY] Fedora 44 Update: botan3-3.9.0-7.fc44
Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \11 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API...
[SECURITY] Fedora 44 Update: openssl-3.5.5-2.fc44
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...
EUVD-2026-11629
A Use of a Broken or Risky Cryptographic Algorithm vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to bypass authentication and gain root-level access to the device...
EUVD-2026-9823
Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux Config string generation, web console export modules allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program routin...
CVE-2025-14480
IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...
CVE-2025-14456
CVE-2025-14456 affects IBM MQ Appliance, specifically 9.4 CD through 9.4.4.0 to 9.4.4.1. The root cause is the use of weaker than expected cryptographic algorithms, resulting in a CVSS v3.1 base score of 5.9 (Impact: Confidentiality High; others None). IBM’s bulletin notes this could allow an att...
CVE-2025-14480 IBM Aspera faspio Gateway 1.3.7 has addressed a vulnerability affected by weak cryptographic algorithms
IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...
Security Bulletin: IBM MQ Appliance uses weaker than expected cryptographic algorithms (CVE-2025-14456)
Summary IBM MQ Appliance has addressed use of weaker than expected cryptographic algorithms. Vulnerability Details CVEID:CVE-2025-14456 DESCRIPTION: IBM MQ Appliance uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. CWE:CWE-32...
CVE-2026-2618
A vulnerability was determined in Beetel 777VR1 up to 01.00.09. This impacts an unknown function of the component SSH Service. This manipulation causes risky cryptographic algorithm. The attack is possible to be carried out remotely. The attack is considered to have high complexity. The...
PT-2026-5700
Name of the Vulnerable Software and Affected Versions IBM Concert versions 1.0.0 through 2.1.0 Description IBM Concert utilizes cryptographic algorithms that are not sufficiently robust, potentially enabling an attacker to decrypt sensitive information. Recommendations Update to a version later...
CVE-2026-22585
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Salesforce Marketing Cloud Engagement CloudPages, Forward to a Friend, Profile Center, Subscription Center, Unsub Center, View As Webpage modules allows Web Services Protocol Manipulation. This issue affects Marketing Cloud...
CVE-2026-23966
sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A private key recovery vulnerability exists in the SM2 decryption logic of sm-crypto prior to version 0.3.14. By interacting with the SM2 decryption interface multiple times, an attacker can...
CVE-2023-50939
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 275129...
CVE-2024-41763
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...
TP-Link TL-WR820N 2.80 Weak Cryptography
TP-Link TL-WR820N version 2.80 uses weak cryptographic algorithms for SSH...