10 matches found

NVD
added yesterday · 4 views

CVE-2026-41005

Cloud Foundry UAA incorrectly treated XML encryption to the Service Provider (confidentiality) as a substitute for XML signatures from the Identity Provider (authenticity) in two SAML flows: the OAuth 2.0 SAML2 bearer grant token endpoint and browser SSO ACS when wantAssertionSigned is set to false...

9 CVSS
Exploits 0 · References 1

Snyk
added 2026/05/12 7:23 p.m. · 4 views

Improper Authentication

Overview: Affected versions of this package are vulnerable to Improper Authentication in the AesCbcHmacSha2Decryptor.doFinal function, which effectively skips authentication by comparing the computed authentication tag with itself rather than with the received tag, for A128CBC-HS256, A192CBC-HS384...

9.3 CVSS · 6 AI score · 0.0003 EPSS
Exploits 0 · References 2

Snyk
added 2026/04/10 5:8 a.m. · 4 views

Improper Validation of Integrity Check Value

Overview: Affected versions of this package are vulnerable to Improper Validation of Integrity Check Value in the wolfSSL_EVP_CipherFinal process. An attacker can obtain unauthorized access to plaintext data by submitting ciphertext with a forged or incorrect authentication tag, as the tag is not...

8.1 CVSS · 5.8 AI score · 0.00003 EPSS
Exploits 0 · References 2

CVE
added 2026/03/04 8:45 a.m. · 8 views

CVE-2026-27443

CVE-2026-27443 affects SEPPmail Secure Email Gateway prior to version 15.0.1. The issue is that headers from S/MIME protected MIME entities are not properly sanitized, enabling an attacker to control trusted headers. According to the connected CVE record, the vulnerability is exploitable over net...

8.2 CVSS · 5.9 AI score · 0.00092 EPSS
Exploits 0 · References 1 · Affected Software 1

EUVD
added 2025/10/27 12:0 a.m. · 3 views

EUVD-2025-36185

Improper handling of OTP/TOTP/HOTP values in NetKnights GmbH privacyIDEA Authenticator v.4.3.0 on Android allows local attackers with root access to bypass two-factor authentication. By hooking into app crypto routines and intercepting decryption paths, an attacker can recover plaintext secrets,...

7.2 CVSS · 6.3 AI score · 0.00013 EPSS
Exploits 0 · References 3

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2016-7334

Malware in sbrugna...

7.5 CVSS · 7.6 AI score · 0.00206 EPSS
Exploits 0 · References 3

CNNVD
added 2024/01/30 12:0 a.m. · 4 views

pkcs11-provider security vulnerability

pkcs11-provider is an oasis-open open source OpenSSL 3.x provider for accessing hardware or software tokens using the PKCS11 cryptographic token interface. A security vulnerability exists in pkcs11-provider, which stems from a Bleichenbacher-like security flaw in the application that could cause ...

8.1 CVSS · 6.8 AI score · 0.00102 EPSS
Exploits 0 · References 3

ATTACKERKB
added 2022/04/20 11:0 p.m. · 3 views

CVE-2022-20805

A vulnerability in the automatic decryption process in Cisco Umbrella Secure Web Gateway (SWG) could allow an authenticated, adjacent attacker to bypass the SSL decryption and content filtering policies on an affected system. This vulnerability is due to how the decryption function uses the TLS Sev...

4.1 CVSS · 5.8 AI score · 0.00034 EPSS
Exploits 0 · References 2

Positive Technologies
added 2022/04/20 12:0 a.m. · 3 views

PT-2022-2551 · Cisco · Cisco Umbrella Secure Web Gateway

Name of the Vulnerable Software and Affected Versions: Cisco Umbrella Secure Web Gateway (SWG), affected versions not specified. Description: A vulnerability in the automatic decryption process could allow an authenticated, adjacent attacker to bypass the SSL decryption and content filtering policies...

4.1 CVSS · 3.9 AI score · 0.00034 EPSS
Exploits 0 · References 5

NVD
added 2017/07/25 6:29 p.m. · 13 views

CVE-2015-8013

s2k.js in OpenPGP.js will decrypt arbitrary messages regardless of passphrase for crafted PGP keys which allows remote attackers to bypass authentication if message decryption is used as an authentication mechanism via a crafted symmetrically encrypted PGP message...

7.5 CVSS · 7.6 AI score · 0.01077 EPSS
Exploits 0 · References 3