37 matches found

Vulnrichment
added 2026/05/27 3:38 a.m. | 10 views

CVE-2026-49000 Cryptography Implementation Flaw vulnerability in ZTE ZXUniPOS NDS-LTE product

An insecure password scheme refers to vulnerabilities arising from improper selection of encryption algorithms, inadequate key management, or flawed code implementation, which may lead to data leakage or tampering, such as hard-coded keys or the use of weak encryption algorithms...

CVSS 7 | AI score 5.9 | EPSS 0.00031
Exploits: 0 | References: 1

Cvelist
added 2026/05/27 3:38 a.m. | 32 views

CVE-2026-49000 Cryptography Implementation Flaw vulnerability in ZTE ZXUniPOS NDS-LTE product

An insecure password scheme refers to vulnerabilities arising from improper selection of encryption algorithms, inadequate key management, or flawed code implementation, which may lead to data leakage or tampering, such as hard-coded keys or the use of weak encryption algorithms...

CVSS 7 | EPSS 0.00031
Exploits: 0 | References: 1

CVE
added 2026/05/27 3:38 a.m. | 13 views

CVE-2026-49000

Technical details (affected products, components, versions, exploit info) are not publicly available in the provided documents. Monitor for updates from NVD, the CVE List, and vendors.

CVSS 7 | AI score 5.9 | EPSS 0.00031
Exploits: 0 | References: 1

IBM Security Bulletins
added 2026/05/05 8:37 a.m. | 6 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses cryptography-46.0.3-cp311-abi3-manylinux_2_34_x86_64.whl which is vulnerable to CVE-2026-26007

Summary: IBM Maximo Application Suite - Visual Inspection component uses cryptography-46.0.3-cp311-abi3-manylinux_2_34_x86_64.whl which is vulnerable to CVE-2026-26007. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details: CVEID: CVE-2026-26007...

CVSS 8.2 | AI score 7.2 | EPSS 0.00009
Exploits: 0 | Affected Software: 1

AstraLinux
added 2026/05/03 11:59 p.m. | 4 views

Astra Linux - vulnerability in wpa

In Hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association. An attacker who has successfully bootstrapped public keys with another entity using PKEX in the past will be able to subvert future bootstrapping attempts by passively observing the public keys. By...

CVSS 6.5 | AI score 7.2 | EPSS 0.00177
Exploits: 0 | References: 1

Snyk
added 2026/03/19 5:56 p.m. | 2 views

Use of a Broken or Risky Cryptographic Algorithm

Overview Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm in the OpenID Connect authentication. An attacker can impersonate any user and obtain unauthorized S3 credentials with any policy, including administrative privileges, by forging identity...

CVSS 9.8 | AI score 5.8 | EPSS 0.00034
Exploits: 0 | References: 2

UbuntuCve
added 2026/01/08 9:15 p.m. | 3 views

CVE-2025-14505

The ECDSA implementation of the Elliptic package generates incorrect signatures if an interim value of 'k' as computed based on step 3.2 of RFC 6979 https://datatracker.ietf.org/doc/html/rfc6979 has leading zeros and is susceptible to cryptanalysis, which can lead to secret key exposure. This...

CVSS 5.6 | AI score 5.9 | EPSS 0.00013
Exploits: 0 | References: 2

EUVD
added 2025/12/18 9:31 p.m. | 1 view

EUVD-2025-204349

A cryptography vulnerability in Kentico Xperience allows attackers to potentially manipulate URL hash values through existing hashing mechanisms. The hotfix introduces an additional security layer to prevent hash value reuse and potential exploitation...

CVSS 7.5 | AI score 6.3 | EPSS 0.00023
Exploits: 0 | References: 3

CVE
added 2025/11/10 7:10 p.m. | 6 views

CVE-2025-43723

CVE-2025-43723 affects Dell PowerScale OneFS. The issue is a use of a broken or risky cryptographic algorithm in PowerScale OneFS, allowing an unauthenticated remote attacker to potentially cause information disclosure. Affected versions are PowerScale OneFS prior to 9.10.1.3 and 9.11.0.0 through...

CVSS 7.5 | AI score 6.5 | EPSS 0.00041
Exploits: 0 | References: 1 | Affected Software: 1

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2018-0030

Malware in sbrugna...

CVSS 7.5 | AI score 7.6 | EPSS 0.00239
Exploits: 0 | References: 12

EUVD
added 2025/10/03 8:07 p.m. | 1 view

EUVD-2022-5096

Malicious code in bioql PyPI...

CVSS 5.9 | AI score 6.2 | EPSS 0.02143
Exploits: 0 | References: 21

EUVD
added 2025/10/03 8:07 p.m. | 2 views

EUVD-2024-0496

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 6.2 | EPSS 0.00879
Exploits: 0 | References: 5

EUVD
added 2025/10/03 8:07 p.m. | 1 view

EUVD-2025-27250

Malicious code in bioql PyPI...

CVSS 8.7 | AI score 6.3 | EPSS 0.00091
Exploits: 0 | References: 2

RedhatCVE
added 2025/09/11 1:23 p.m. | 5 views

CVE-2025-7970

A security issue exists within FactoryTalk Activation Manager. An error in the implementation of cryptography within the software could allow attackers to decrypt traffic. This could result in data exposure, session hijacking, or full communication compromise...

CVSS 8.7 | AI score 6.7 | EPSS 0.00091
Exploits: 0 | References: 1

Tenable Nessus
added 2025/09/11 12:00 a.m. | 4 views

Rockwell FactoryTalk Activation Manager 5.x < 5.02 Information Disclosure

The version of Rockwell FactoryTalk Activation Manager installed on the remote Windows host is 5.x prior to 5.02. It is, therefore, affected by an information disclosure vulnerability. An error in the implementation of cryptography within the software could allow attackers to decrypt traffic. Thi...

CVSS 8.7 | AI score 5.6 | EPSS 0.00091
Exploits: 0 | References: 2

NVD
added 2025/09/09 1:15 p.m. | 1 view

CVE-2025-7970

A security issue exists within FactoryTalk Activation Manager. An error in the implementation of cryptography within the software could allow attackers to decrypt traffic. This could result in data exposure, session hijacking, or full communication compromise...

CVSS 8.7 | EPSS 0.00091
Exploits: 0 | References: 1

Cvelist
added 2025/09/09 12:46 p.m. | 5 views

CVE-2025-7970 Rockwell Automation FactoryTalk Activation Manager Lack of Encryption Vulnerability

A security issue exists within FactoryTalk Activation Manager. An error in the implementation of cryptography within the software could allow attackers to decrypt traffic. This could result in data exposure, session hijacking, or full communication compromise...

CVSS 8.7 | EPSS 0.00091
Exploits: 0 | References: 1

Vulnrichment
added 2025/09/09 12:46 p.m. | 1 view

CVE-2025-7970 Rockwell Automation FactoryTalk Activation Manager Lack of Encryption Vulnerability

A security issue exists within FactoryTalk Activation Manager. An error in the implementation of cryptography within the software could allow attackers to decrypt traffic. This could result in data exposure, session hijacking, or full communication compromise...

CVSS 8.7 | AI score 6.2 | EPSS 0.00091
Exploits: 0 | References: 1

Tenable Nessus
added 2025/08/30 12:00 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2019-19962

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in RSA cryptography. (CVE-2019-19962) Note that Nessus relies on the...

CVSS 7.5 | AI score 7.4 | EPSS 0.00184
Exploits: 0 | References: 2

OSV
added 2025/08/13 12:10 a.m. | 2 views

SUSE-SU-2025:02773-1 Security update for libgcrypt

This update for libgcrypt fixes the following issues: - CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts (bsc#1221107)...

CVSS 5.9 | AI score 7 | EPSS 0.00684
Exploits: 0 | References: 3