1462 matches found
Exploit for Incorrect Authorization in Dani-Garcia Vaultwarden
CVE-2026-26012 — Vaultwarden Cipher Enumeration PoC Full...
SUSE SLES11 Security Update : openssl1 (SUSE-SU-2026:0498-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0498-1 advisory. - CVE-2025-68160: Heap out-of-bounds write in BIO_f_linebuffer on short writes (bsc#1256834). - CVE-2025-69420: Missing ASN1_TYPE validation in...
CLSA-2026-1770820922 openssl: Fix of CVE-2025-69421
CVE-2025-69421: fix NULL dereference in PKCS12_item_decrypt_d2i_ex...
CLSA-2026-1771004260 openssl: Fix of CVE-2025-69421
CVE-2025-69421: fix NULL dereference in PKCS12_item_decrypt_d2i_ex...
OESA-2026-1336 gnupg2 security update
GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880 also known as PGP. GnuPG enables encryption and signing of data and communication, and features a versatile key management system as well as access modules for public key directories. Security Fixes: In GnuP...
Heap-based Buffer Overflow
Overview: Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the pgp_pub_decrypt_bytea function, which is missing a safeguard for the session key length read from the message data, which can be given as input to pgp_pub_decrypt_bytea. An attacker can execute arbitrary code as the...
CLSA-2026-1770821221 openssl: Fix of CVE-2025-69421
CVE-2025-69421: fix NULL dereference in PKCS12_item_decrypt_d2i_ex...
CLSA-2026-1770820398 openssl: Fix of CVE-2025-69421
CVE-2025-69421: fix NULL dereference in PKCS12_item_decrypt_d2i_ex...
CLSA-2026-1770804736 Fix CVE(s): CVE-2025-69421
SECURITY UPDATE: A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS12 files - debian/patches/CVE-2025-69421.patch: fix NULL pointer dereference in PKCS12_item_decrypt_d2i by adding NULL check for oct parameter - CVE-2025-69421...
CLSA-2026-1770717529 Fix CVE(s): CVE-2025-69421
SECURITY UPDATE: check oct argument for NULL in PKCS12_item_decrypt_d2i_e - debian/patches/CVE-2025-69421.patch: fix a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex function. - CVE-2025-69421...
CVE-2025-66597
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product supports weak cryptographic algorithms, potentially allowing an attacker to decrypt communications with the web server. The affected products and versions are as follows: FAST/TOOLS Packages:...
CVE-2026-22906 Hardcoded Key Allows Credential Disclosure
User credentials are stored using AES‑ECB encryption with a hardcoded key. An unauthenticated remote attacker obtaining the configuration file can decrypt and recover plaintext usernames and passwords, especially when combined with the authentication bypass...
CVE-2025-66598
The CVE-2025-66598 entry concerns Yokogawa FAST/TOOLS. Affected packages are FAST/TOOLS (RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) from R9.01 to R10.04. The description states the product supports old SSL/TLS versions, potentially allowing an attacker to decrypt communications with the web server. N...
Yokogawa FAST/TOOLS Security Vulnerability
Yokogawa FAST/TOOLS is a real-time operation management and visualization software developed by Yokogawa Electric Corporation. There are security vulnerabilities in the Yokogawa FAST/TOOLS R9.01 version up to R10.04. These vulnerabilities stem from the support for older versions of SSL/TLS, which...
EUVD-2026-5222
Rapid7 Nexpose versions 6.4.50 and later are vulnerable to an insufficient entropy issue in the CredentialsKeyStorePassword.generateRandomPassword method. When updating legacy keystore passwords, the application generates a new password with insufficient length (7-12 characters) and a static prefix...
CVE-2025-36253 Multiple Vulnerabilities in IBM Concert Software.
IBM Concert 1.0.0 through 2.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...
SUSE SLES12 Security Update : openssl-1_0_0 (SUSE-SU-2026:0333-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0333-1 advisory. - CVE-2025-68160: Heap out-of-bounds write in BIO_f_linebuffer on short writes (bsc#1256834). - CVE-2025-69420: Missing ASN1_TYPE validation in...
CVE-2025-13399
A weakness in the web interface’s application layer encryption in VX800v v1.0 allows an adjacent attacker to brute force the weak AES key and decrypt intercepted traffic. Successful exploitation requires network proximity but no authentication, and may result in high impact to confidentiality,...