CVE-2025-9612 CVE-2025-9612

An issue was discovered in the PCI Express PCIe Integrity and Data Encryption IDE specification, where insufficient guidance on Transaction Layer Packet TLP ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection. This can enable local or physical...

CVE-2025-9612 CVE-2025-9612

An issue was discovered in the PCI Express PCIe Integrity and Data Encryption IDE specification, where insufficient guidance on Transaction Layer Packet TLP ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection. This can enable local or physical...

PCI-SIG PCI Express Integrity and Data Encryption 安全漏洞

PCI-SIG PCI Express Integrity and Data Encryption is a data encryption software from PCI-SIG, USA. A security vulnerability exists in PCI-SIG PCI Express Integrity and Data Encryption that stems from insufficient guidance on packet ordering and label uniqueness at the transaction layer, which cou...

PCI-SIG PCI Express Integrity and Data Encryption 安全漏洞

PCI-SIG PCI Express Integrity and Data Encryption is a data encryption software from PCI-SIG, USA. A security vulnerability exists in PCI-SIG PCI Express Integrity and Data Encryption that stems from insufficient guidance for label reuse after a completion timeout, which could result in multiple...

Malicious code in kdewebhelper (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 da8701a407522875f63d2aaa28d27194fe8e2faa4d7782fd66639f224ae62dcd Importing the module connects to a Telegram bot and provides its operator with abilities to execute commands, exfiltrate and encrypt data. The target group see...

MAL-2025-191772 Malicious code in kdewebhelper (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 da8701a407522875f63d2aaa28d27194fe8e2faa4d7782fd66639f224ae62dcd Importing the module connects to a Telegram bot and provides its operator with abilities to execute commands, exfiltrate and encrypt data. The target group see...

SafePay Ransomware: TTPs and Defense Strategies

When a threat actor disables your security software and starts deleting your backups, you’re already in the middle of a crisis. The operators behind SafePay ransomware are known for these exact tactics, deliberately sabotaging your ability to respond and recover. Catching an attack like this earl...

7 Steps for Securing Generative AI in Enterprises

Think of your AI strategy like building a skyscraper. You wouldn't construct twenty floors and then try to figure out where the foundation should go. Security must be part of the blueprint from the very beginning. Bolting on security measures after an AI model is already in use is a recipe for...

Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2022-27775)

An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead. This plugin only works with Tenable.ot. Please visit...

Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2021-36690)

A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges e.g., is intentionally allowe...

Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2019-16056)

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...

Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2019-1010023)

DISPUTED GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE...

Dell CloudLink Elevation of Privilege Vulnerability

Dell CloudLink is a data encryption and key management system from Dell USA. An elevation of privilege vulnerability exists in Dell CloudLink, which could be exploited by an attacker to gain access to a database and obtain confidential information...

Dell CloudLink Command Execution Vulnerability (CNVD-2025-28522)

Dell CloudLink is a data encryption and key management system from Dell USA. A command execution vulnerability exists in Dell CloudLink, which could be exploited by an attacker to execute arbitrary commands on the system...

Dell CloudLink Command Execution Vulnerability

Dell CloudLink is a data encryption and key management system from Dell USA. A command execution vulnerability exists in Dell CloudLink, which could be exploited by an attacker to execute arbitrary commands on the system...

Dell CloudLink Denial of Service Vulnerability

Dell CloudLink is a data encryption and key management system from Dell USA. A denial of service vulnerability exists in Dell CloudLink, which can be exploited by an attacker to cause a denial of service...

Dell CloudLink Command Injection Vulnerability

Dell CloudLink is a data encryption and key management system from Dell USA. A command injection vulnerability exists in Dell CloudLink, which can be exploited by an attacker to execute arbitrary commands on the system...

Dell CloudLink Operating System Command Injection Vulnerability

Dell CloudLink is a data encryption and key management system from Dell USA. Dell CloudLink suffers from an operating system command injection vulnerability that could be exploited by an attacker to cause elevation of privilege and unauthorized system access...

Dell CloudLink Command Execution Vulnerability (CNVD-2025-28523)

Dell CloudLink is a data encryption and key management system from Dell USA. A command execution vulnerability exists in Dell CloudLink, which can be exploited by an attacker to gain shell access to the system...

Dell CloudLink 操作系统命令注入漏洞

Dell CloudLink is a data encryption and key management system from Dell USA. A command execution vulnerability exists in Dell CloudLink, which can be exploited by an attacker to gain shell access to the system...