Uncaught Exception
Overview: Affected versions of this package are vulnerable to Uncaught Exception in the cipher.KeyUnwrap function when decrypting a JSON Web Encryption (JWE) object with a key wrapping algorithm ending in 'KW', except for 'A128GCMKW', 'A192GCMKW', and 'A256GCMKW', and the encrypted_key field is empty...
PT-2026-30011
Name of the Vulnerable Software and Affected Versions: Go JOSE versions prior to 4.1.4 and versions prior to 3.0.5 Description: Go JOSE, an implementation of the JavaScript Object Signing and Encryption standards in Go, is susceptible to a denial of service. When decrypting a JSON Web Encryption JW...
GHSA-WJ2J-QWCF-CFCC IncusOS has a LUKS encryption bypass due to insufficient TPM policy
The default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the system's owner or any tampering of Secure Boot state or kernel UKI boot image. That's...
CVE-2025-14759
The CVE-2025-14759 issue affects the Amazon S3 Encryption Client for .NET. When the encrypted data key (EDK) is stored in an Instruction File instead of S3 metadata, missing cryptographic key commitment could allow a user with write access to the bucket to introduce a rogue EDK and decrypt to a d...
EUVD-2020-19096
Malware in sbrugna...
EUVD-2001-0378
Malware in sbrugna...
The vulnerability of Ivanti Connect Secure and Ivanti Policy Secure, which control network access, stems from the use of a hard-coded cryptographic key. This allows attackers to gain unauthorized access to protected information.
The vulnerability of the Ivanti Connect Secure and Ivanti Policy Secure network access control tools lies in the use of a hard-coded cryptographic key. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
The vulnerability of the multi-platform SCADA system KROON-TM, related to the use of a hard-coded cryptographic key for the SSL certificate, allows an intruder to gain unauthorized access to protected information.
The vulnerability of the multi-platform SCADA system KROON-TM is related to the use of a hard-coded cryptographic key for the SSL certificate. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the Primo RPA Orchestrator module of the Primo RPA automation platform allows an intruder to gain unauthorized access to protected information.
The vulnerability of the Primo RPA Orchestrator module of the Primo RPA automation platform lies in the use of a hard-coded cryptographic key. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of TP-Link Tapo C500 Wi-Fi cameras, which stems from the use of a hard-coded cryptographic key, allows attackers to carry out “man-in-the-middle” attacks.
The vulnerability of TP-Link Tapo C500 Wi-Fi cameras lies in the use of a hard-coded cryptographic key. Exploiting this vulnerability could allow an attacker to carry out a “man-in-the-middle” attack...
The command-line interface vulnerability of the FortiSandbox system allows an intruder to gain unauthorized access to protected information.
The vulnerability of the command-line interface of the FortiSandbox threat detection and removal system is related to the use of a hard-coded cryptographic key. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
PT-2024-28460 · Entrust · Entrust Instant Financial Issuance
Name of the Vulnerable Software and Affected Versions: Entrust Instant Financial Issuance (formerly known as Cardwizard) versions 6.8.x and earlier, 6.9.0, 6.9.1, 6.9.2, 6.10.0 Description: The issue concerns the use of a DLL library with a custom AES encryption process that relies on static...
CVE-2024-45004
In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix leak of blob encryption key. Trusted keys unseal the key blob on load, but keep the sealed payload in the blob field so that every subsequent read (export) will simply convert this field to hex and send it to...
The vulnerability of the software for managing and optimizing Cisco Intelligent Node (iNode) networks stems from the use of a hard-coded cryptographic key. This allows attackers to carry out “man-in-the-middle” attacks.
The vulnerability of Cisco Intelligent Node (iNode) management and optimization software is related to the use of a hard-coded cryptographic key. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and availability of protected information by...
jose4j: denial of service via specially crafted JWE
A flaw was found in the jose.4.j (jose4j) library. The JWE key management algorithms based on PBKDF2 require a JOSE Header Parameter called p2c (PBES2 Count). This parameter dictates the number of PBKDF2 iterations needed to derive a CEK wrapping key. Its primary purpose is to intentionally slow down...
CVE-2024-29955
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow a privileged user to print the SANnav encrypted key in PostgreSQL startup logs. This could provide attackers with an additional, less-protected path to acquiring the encryption key...
CVE-2024-29955 Insertion of Sensitive Information into Brocade SANnav Log File
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow a privileged user to print the SANnav encrypted key in PostgreSQL startup logs. This could provide attackers with an additional, less-protected path to acquiring the encryption key...
CVE-2024-29955
Summary (CVE-2024-29955): Brocade SANnav before v2.3.1 and v2.3.0a is affected by a vulnerability where a privileged user can print the SANnav encrypted key in PostgreSQL startup logs due to insufficient protection of registration data in the PostgreSQL component. This could allow attackers with ...
SANnav encrypted key in PostgreSQL startup logs (CVE-2024-29955)
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow a privileged user to print the SANnav encrypted key in PostgreSQL startup logs. This could provide attackers with an additional, less-protected path to acquiring the encryption key...
Design/Logic Flaw
Transient DOS during the key unwrapping process, when the given encrypted key is empty or NULL...