27 matches found
EUVD-2020-17922
Malware in sbrugna...
EUVD-2022-4173
Malicious code in bioql PyPI...
CVE-2025-39917
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds dynptr write in bpf_crypto_crypt Stanislav reported that in bpf_crypto_crypt the destination dynptr's size is not validated to be at least as large as the source dynptr's size before calling into the crypto...
CVE-2019-8118
Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 uses a weak cryptographic function to store the failed login attempts for customer accounts...
CryptoLib security vulnerability
CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. A security vulnerability exists in CryptoLib versions prior to 1.3.2, which stems from a failure to check the return state of the OTAR cryptographic...
RHEL 9 : Red Hat Single Sign-On 7.6.3 security update on RHEL 9 (Moderate) (RHSA-2023:2707)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2707 advisory. Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...
RHEL 8 : Red Hat Single Sign-On 7.6.3 security update on RHEL 8 (Moderate) (RHSA-2023:2706)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2706 advisory. Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...
Moderate: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.3 for OpenShift image security update
A new image is available for Red Hat Single Sign-On 7.6.3, running on Red Hat OpenShift Container Platform from the release of 3.11 up to the release of 4.12.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 XP 4.0.0.GA Security release
JBoss EAP XP 4.0.0.GA Security release on the EAP 7.4.9 base. See references for release notes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Insecure Cryptographic Function
LibreOffice has an insecure cryptographic function. The vulnerability exists due to stored passwords being encrypted with a single master key provided by the user...
Insecure Cryptographic Function
grub has an insecure cryptographic function. The vulnerability exists due to a lack of validation allowing signed grub which is installed into the db to be booted directly...
Insecure Cryptographic Function
Biscuit has an insecure cryptographic function. The vulnerability exists due to the use of a signature algorithm which allows an attacker to forge Γ-signatures and create a token with any access level to bypass authentication and authorization...
Insecure Cryptographic Function
ssh.net is vulnerable to Insecure Cryptographic Function. The vulnerability exists in the Start function in KeyExchangeECCurve25519.cs due to the use of a cryptographically insecure random number generator which allows an attacker to easily predict the generated pseudo-random values...
Insecure Cryptographic Function
amd64-microcode has an insecure cryptographic function. The vulnerability exists due to an insecure cryptographic implementation...
opencryptoki bug fix and enhancement update
The opencryptoki packages contain version 2.11 of the PKCS11 API, implemented for IBM Cryptocards, such as IBM 4764 and 4765 crypto cards. These packages include support for the IBM 4758 Cryptographic CoProcessor with the PKCS11 firmware loaded, the IBM eServer Cryptographic Accelerator FC 4960 ...
Insecure Cryptographic Function
libapache2-mod-auth-openidc has insecure cryptographic functions. The vulnerability exists due to reusing the same key...
Insecure Cryptographic Functions
github.com/moov-io/customers uses an insecure cryptographic function. An attacker is able to exploit the vulnerability by using a rainbow table attack on the system. The vulnerability exists due to a probability of a lack of uniqueness in the complexity of the hash function...
CVE-2020-25232
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Due to the usage of an insecure random number generation function and a deprecated cryptographic function, an attacker could extract the key that is used when communicating with an affected device on port...
Design/Logic Flaw
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Due to the usage of an insecure random number generation function and a deprecated cryptographic function, an attacker could extract the key that is used when communicating with an affected device on port...