5806 matches found
OpenSSL Security Vulnerability
OpenSSL is an open source general-purpose cryptographic library from the OpenSSL team that implements the Secure Sockets Layer (SSLv2/v3) and Transport Layer Security (TLSv1) protocols. It supports a wide range of cryptographic algorithms, including symmetric ciphers, hashing algorithms, secure...
OpenSSL 3.0.0 < 3.0.18 Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 3.0.18. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.0.18 advisory. - Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy'...
FreeBSD Security Advisory - FreeBSD-SA-25:08.openssl
FreeBSD Security Advisory - FreeBSD includes software from the OpenSSL Project. OpenSSL suffers from some new vulnerabilities. An application trying to decrypt Cryptographic Message Syntax (CMS) messages encrypted using password-based encryption can trigger an out-of-bounds read and write. A timing...
Keysight Ixia Vision Security Vulnerability
Keysight Ixia Vision is a series of network packet proxies from Keysight Corporation USA. A security vulnerability exists in Keysight Ixia Vision that stems from hard-coded cryptographic material that could lead to the interception or decryption of payloads...
kernel: tls: fix handling of zero-length records on the rx_list
In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rx_list. Each recvmsg call must process either: only contiguous DATA records (any number of them), or one non-DATA record. If the next record has different type than what has already been...
GHSA-QR9H-X63W-VQFM OpenMLS improper persistence of the secret tree during message processing
Summary: A bug in the OpenMLS library prevented private key material from being updated in storage during message processing. The key material in question is the keys stored in the MLS secret tree, which are used for decryption of private MLS messages. The effects of the bug are limited in scope,...
OESA-2025-2324 python-pyinstaller security update
PyInstaller bundles a Python application and all its dependencies into a single package. The user can run the packaged app without installing a Python interpreter or any modules. Security Fixes: Due to a special entry being appended to sys.path during the bootstrap process of a PyInstaller-frozen...
CVE-2025-60250
Unitree Go2, G1, H1, and B2 devices through 2025-09-20 decrypt BLE packet data by using the df98b715d5c6ed2b25817b6f2554124a key and the 2841ae97419c2973296a0d4bdfe19a4f IV...
PT-2025-39470
Name of the Vulnerable Software and Affected Versions: Unitree Go2, G1, H1, and B2 devices through 2025-09-20. Description: The devices decrypt Bluetooth Low Energy (BLE) packet data using a fixed key df98b715d5c6ed2b25817b6f2554124a and Initialization Vector (IV) 2841ae97419c2973296a0d4bdfe19a4f. This...
CVE-2025-60250
Unitree Go2, G1, H1, and B2 devices have a vulnerability (CVE-2025-60250) where BLE packet data can be decrypted using the specific key df98b715d5c6ed2b25817b6f2554124a and IV 2841ae97419c2973296a0d4bdfe19a4f. Connected sources confirm this cryptographic exposure through 2025-09-20; CVSS shows Ad...
CVE-2025-54754 Cognex In-Sight Explorer and In-Sight Camera Firmware Use of Hard-coded Password
An attacker with adjacent access, without authentication, can exploit this vulnerability to retrieve a hard-coded password embedded in publicly available software. This password can then be used to decrypt sensitive network traffic, affecting the Cognex device...
CVE-2025-55112
Out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions that are configured to use the non-default Blowfish cryptography algorithm use a hardcoded key. An attacker with access to network traffic and to this key could decrypt network traffic between th...
Cognex Multiple Products Security Vulnerability
Cognex In-Sight Explorer and Cognex In-Sight Camera Firmware are both products of Cognex Corporation, U.S.A. Cognex In-Sight Explorer is a tool that has the ability to debug and program the software of its line of smart cameras. Cognex In-Sight Camera Firmware is firmware for a range of smart...
CVE-2025-55112 BMC Control-M/Agent hardcoded Blowfish keys
Out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions that are configured to use the non-default Blowfish cryptography algorithm use a hardcoded key. An attacker with access to network traffic and to this key could decrypt network traffic between th...