1444 matches found
Mobile Verification Toolkit (MVT): Path Traversal via unsanitized File identifiers in iOS Backup processing
Summary The fileID field from Manifest.db a SQLite database inside iOS backups, generated by the device is used directly in filesystem path construction without validation. This affects two commands through a shared code path: - mvt-ios decrypt-backup decrypt.py: fileid is used to construct both...
Exploit for Improper Handling of Length Parameter Inconsistency in Linux Linux_Kernel
CVE-2026-31635 · DirtyDecrypt !License: MIThttps://img.sh...
PT-2026-42598
Summary The fileID field from Manifest.db a SQLite database inside iOS backups, generated by the device is used directly in filesystem path construction without validation. This affects two commands through a shared code path: - mvt-ios decrypt-backup decrypt.py: file id is used to construct both...
PT-2026-42664
Name of the Vulnerable Software and Affected Versions MVT Mobile Verification Toolkit versions prior to 2026.5.12 Description A path traversal issue exists during iOS Backup processing due to unsanitized file identifiers. The fileID field from the Manifest.db SQLite database is used directly in...
Astra Linux - уязвимость в ruby2.5
A vulnerability was discovered in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a slab-out-of-bounds issue in smb2allocaterspbuf. If -ProtocolId is set to SMB2 TRANSFORMPROTONUM, the validation of the request size could be skipped. If the request size is smaller than sizeofstruct smb2queryinfore...
DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability
Proof-of-concept PoC exploit code has now been released for a recently patched security flaw in the Linux kernel that could allow for local privilege escalation LPE. Dubbed DirtyDecrypt aka DirtyCBC, the vulnerability was discovered and reported by the Zellic and V12 security team on May 9, 2026,...
SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 11 for SUSE Linux Enterprise 15 SP6) (SUSE-SU-2026:1885-1)
The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1885-1 advisory. This update for the SUSE Linux Enterprise Kernel 4.12.14-122.272 fixes one security issue The following security issue was fixed: -...
SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 16 for SUSE Linux Enterprise 15 SP6) (SUSE-SU-2026:1994-1)
The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1994-1 advisory. This update for the SUSE Linux Enterprise Kernel 4.12.14-122.261 fixes one security issue The following security issue was fixed: -...
SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 40 for SUSE Linux Enterprise 15 SP4) (SUSE-SU-2026:1906-1)
The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1906-1 advisory. This update for the SUSE Linux Enterprise Kernel 4.12.14-122.299 fixes one security issue The following security issue was fixed: -...
SUSE SLES15 Security Update : kernel (Live Patch 28 for SUSE Linux Enterprise 15 SP5) (SUSE-SU-2026:1875-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:1875-1 advisory. This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.113 fixes one security issue The following security issue was fixed: - CVE-2026-4328...
SUSE SLES15 Security Update : kernel (SUSE-SU-2026:1959-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1959-1 advisory. The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-5451...
SUSE-SU-2026:21777-1 Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.26.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...
Microsoft is changing Edge’s plaintext password behavior
Microsoft said it will change Edge’s password handling as a “defense‑in‑depth” measure. Originally, Edge decrypted the entire saved‑password store on startup and kept all credentials resident in process memory in clear text for the whole browser session, regardless of whether a given credential w...
SUSE-SU-2026:21817-1 Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.27.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...
SUSE-SU-2026:21765-1 Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.28.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...
SUSE-SU-2026:21775-1 Security update for the Linux Kernel RT (Live Patch 1 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.6.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...
SUSE-SU-2026:21771-1 Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.28.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...
SUSE-SU-2026:21764-1 Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.5.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...
SUSE-SU-2026:21770-1 Security update for the Linux Kernel RT (Live Patch 4 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.9.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...