CVE-2026-46283

A flaw was found in the Linux kernel's Trusted Platform Module TPM driver. This vulnerability arises from the driver's failure to securely clear sensitive cryptographic material, such as session keys and passphrases, from memory when a TPM device is released. A local attacker could potentially...

CVE-2026-36178

The factory reset functionality in GNCC GP5 v7.1.76 fails to clear sensitive cryptographic material in the JFFS2 configuration partition, possibly allowing attackers to recover and obtain sensitive user data...

CVE-2026-36178

The factory reset functionality in GNCC GP5 v7.1.76 fails to clear sensitive cryptographic material in the JFFS2 configuration partition, possibly allowing attackers to recover and obtain sensitive user data...

CVE-2026-36178

The factory reset functionality in GNCC GP5 v7.1.76 fails to clear sensitive cryptographic material in the JFFS2 configuration partition, possibly allowing attackers to recover and obtain sensitive user data...

CVE-2026-3579

wolfSSL 5.8.4 on RISC-V RV32I architectures lacks a constant-time software implementation for 64-bit multiplication. The compiler-inserted muldi3 subroutine executes in variable time based on operand values. This affects multiple SP math functions sp256mul9, sp256sqr9, etc., leading to a timing...

UBUNTU-CVE-2026-3579

wolfSSL 5.8.4 on RISC-V RV32I architectures lacks a constant-time software implementation for 64-bit multiplication. The compiler-inserted muldi3 subroutine executes in variable time based on operand values. This affects multiple SP math functions sp256mul9, sp256sqr9, etc., leading to a timing...

CVE-2026-3579 Non-constant time multiplication subroutine __muldi3 on RISC-V RV32I

wolfSSL 5.8.4 on RISC-V RV32I architectures lacks a constant-time software implementation for 64-bit multiplication. The compiler-inserted muldi3 subroutine executes in variable time based on operand values. This affects multiple SP math functions sp256mul9, sp256sqr9, etc., leading to a timing...

EUVD-2025-11822

Malicious code in bioql PyPI...

ROS-20250904-04

The vulnerability of Module::Signature::verify function of Perl programming language is related to incorrect confirmation of cryptographic data signature. validation of cryptographic data signature. Exploitation of the vulnerability could allow an attacker, acting remotely, gain access to sensiti...

PT-2025-24579 · Amd · Amd Versal Adaptive Soc

Name of the Vulnerable Software and Affected Versions: AMD Versal Adaptive SoC devices affected versions not specified Description: The issue arises from the incorrect configuration of the Secure Stream Switch SSS during runtime, specifically after the system has booted, which could cause data to...

PT-2024-6846 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: A vulnerability exists in Windows where sensitive cryptographic information can be leaked. This issue is related to a discrepancy that may allow an attacker to obtain unauthorized access to...

CVE-2024-42229

In the Linux kernel, the following vulnerability has been resolved: crypto: aead,cipher - zeroize key buffer after use I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroized once they are no longer needed. Accomplish this by using...

The vulnerability of the Thunderbird email client, related to errors in processing OpenPGP and OpenPGP MIME data, allows a hacker to execute a DoS attack.

The vulnerability of the Thunderbird email client is related to errors in processing OpenPGP and OpenPGP MIME data. Exploiting this vulnerability could allow a remote attacker to carry out a DoS attack using a specially created certificate...

USN-5158-1 imagemagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain values when processing visual effects based image files. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. CVE-2021-20244 It was discovered that...

CVE-2019-18628

Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow a user with administrative privileges to turn off data encryption on the device, thus leaving it open to potential cryptographic information...

Huawei EulerOS: Security Advisory for nss, nss-util (EulerOS-SA-2016-1084)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Sql injection

Logitech Unifying devices allow keystroke injection, bypassing encryption. The attacker must press a "magic" key combination while sniffing cryptographic data from a Radio Frequency transmission. NOTE: this issue exists because of an incomplete fix for CVE-2016-10761...

Denial Of Service

Network Security Services NSS is vulnerable to denial of service DoS. The vulnerability is possible because of the flaw in the way NSS handles cryptographic data from the network, leading to an application crash or execution of arbitrary code with the permission of the user running the applicatio...

EulerOS 2.0 SP1 : nss, nss-util (EulerOS-SA-2016-1084)

According to the versions of the nss, nss-util packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple buffer handling flaws were found in the way NSS handled cryptographic data from the network. A remote attacker could use these...

Medium: nss-util, nss, nss-softokn

Issue Overview: CVE-2016-2834 nss: Multiple security flaws MFSA 2016-61 Multiple buffer handling flaws were found in the way NSS handled cryptographic data from the network. A remote attacker could use these flaws to crash an application using NSS or, possibly, execute arbitrary code with the...