Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2025-2027)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-7970

A security issue exists within FactoryTalk Activation Manager. An error in the implementation of cryptography within the software could allow attackers to decrypt traffic. This could result in data exposure, session hijacking, or full communication compromise...

CVE-2025-7970 Rockwell Automation FactoryTalk Activation Manager Lack of Encryption Vulnerability

A security issue exists within FactoryTalk Activation Manager. An error in the implementation of cryptography within the software could allow attackers to decrypt traffic. This could result in data exposure, session hijacking, or full communication compromise...

CVE-2025-7970 Rockwell Automation FactoryTalk Activation Manager Lack of Encryption Vulnerability

A security issue exists within FactoryTalk Activation Manager. An error in the implementation of cryptography within the software could allow attackers to decrypt traffic. This could result in data exposure, session hijacking, or full communication compromise...

PT-2025-36728

Name of the Vulnerable Software and Affected Versions: FactoryTalk Activation Manager affected versions not specified Description: A security issue exists within FactoryTalk Activation Manager related to a flaw in the implementation of cryptography. This could allow attackers to decrypt network...

SUSE CVE-2025-39682

In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rxlist Each recvmsg call must process either - only contiguous DATA records any number of them - one non-DATA record If the next record has different type than what has already been...

AZL-67001 CVE-2025-39682 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rxlist Each recvmsg call must process either - only contiguous DATA records any number of them - one non-DATA record If the next record has different type than what has already been...

CVE-2025-48522

In setDisplayName of AssociationRequest.java, there is a possible way for an app to retain CDM association due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48522

In setDisplayName of AssociationRequest.java, there is a possible way for an app to retain CDM association due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

[SECURITY] [DLA 4292-1] clamav security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4292-1 [email protected] https://www.debian.org/lts/security/ Lucas Kanashiro September 04, 2025 https://wiki.debian.org/LTS -...

CLSA-2025-1756961235 nss: Fix of CVE-2023-5388

CVE-2023-5388: fix timing attack against RSA decryption in TLS r=jschanck...

Libgcrypt before 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate attackers to extract ECDH keys by measuring electromagnetic emanations.

...

Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl

...

CVE-2025-33102

IBM Concert Software 1.0.0 through 1.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

Linux Distros Unpatched Vulnerability : CVE-2020-11031

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GLPI before version 9.5.0, the encryption algorithm used is insecure. The security of the data encrypted relies on the password used, if a user sets a...

CVE-2025-33102

IBM Concert Software 1.0.0 through 1.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

CVE-2025-33102

IBM Concert Software 1.0.0 through 1.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

IBM Concert Software 加密问题漏洞

IBM Concert Software is an application lifecycle risk identification software from International Business Machines IBM. An encryption issue vulnerability exists in IBM Concert Software versions 1.0.0 through 1.1.0, which stems from a weak encryption algorithm that could lead to the decryption of...

PT-2025-35487

Name of the Vulnerable Software and Affected Versions: IBM Concert Software versions 1.0.0 through 1.1.0 Description: IBM Concert Software uses cryptographic algorithms that are weaker than expected, potentially allowing an attacker to decrypt sensitive information. Recommendations: Update IBM...

CVE-2025-7071

Padding oracle attack vulnerability in Oberon microsystem AG’s ocrypto library in all versions since 3.1.0 and prior to 3.9.2 allows an attacker to recover plaintexts via timing measurements of AES-CBC PKCS7 decrypt operations...