OpenSSL 3.x QUIC Initial Packet Builder / Sender

This script is a proof of concept QUIC client that constructs fully encrypted initial packets with header protection. It can be used for testing or fuzzing QUIC/TLS 1.3 implementations. The script constructs and sends a cryptographically valid QUIC Initial packet over UDP. It simulates a QUIC...

CVE-2026-21917

An Improper Validation of Syntactic Correctness of Input vulnerability in the Web-Filtering module of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. If an SRX device configured for UTM Web-Filtering receives a specifical...

CVE-2025-61738

Under certain circumstances, attacker can capture the network key, read or write encrypted packets on the PowerG network...

CVE-2025-26379 Johnson Controls IQ Panels2, 2+, IQHub, IQPanel 4, PowerG use of Cryptographically Weak Pseudo-Random Number Generator

Use of a weak pseudo-random number generator, which may allow an attacker to read or inject encrypted PowerG packets...

CVE-2025-26379

CVE-2025-26379 concerns Johnson Controls PowerG products (IQ Panels2, 2+, IQHub, IQPanel 4). The issue is use of a cryptographically weak pseudo-random number generator, enabling an attacker to read or inject encrypted PowerG packets. Documents consistently cite the weak PRNG as the root cause an...

EUVD-2025-204711

Use of a weak pseudo-random number generator, which may allow an attacker to read or inject encrypted PowerG packets...

CVE-2025-61738

Under certain circumstances, attacker can capture the network key, read or write encrypted packets on the PowerG network...

CVE-2025-61738 Johnson Controls PowerG and IQPanel cleartext transmission of sensitive information

Under certain circumstances, attacker can capture the network key, read or write encrypted packets on the PowerG network...

EUVD-2025-204702

Under certain circumstances, attacker can capture the network key, read or write encrypted packets on the PowerG network...

CVE-2025-61738 Johnson Controls PowerG and IQPanel cleartext transmission of sensitive information

Under certain circumstances, attacker can capture the network key, read or write encrypted packets on the PowerG network...

PT-2025-52641

Name of the Vulnerable Software and Affected Versions PowerG affected versions not specified Description An attacker may be able to capture the network key, and subsequently read or write encrypted packets on the PowerG network under specific circumstances. Recommendations At the moment, there is...

Johnson Controls IQ series和Johnson Controls PowerG 安全漏洞

The Johnson Controls IQ series and Johnson Controls PowerG are both products of Johnson Controls, Inc.The Johnson Controls IQ series is a series of intelligent security and automation control platforms.The Johnson Johnson Controls PowerG is a communications device. A security vulnerability exists...

PT-2025-52650

Name of the Vulnerable Software and Affected Versions Johnson Controls IQ Panels2, 2+, IQHub, IQPanel 4, PowerG affected versions not specified Description The software utilizes a weak pseudo-random number generator. This could allow an attacker to read or inject encrypted PowerG packets...

CVE-2025-9612

An issue was discovered in the PCI Express PCIe Integrity and Data Encryption IDE specification, where insufficient guidance on Transaction Layer Packet TLP ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection. This can enable local or physical...

EUVD-2025-202315

An issue was discovered in the PCI Express PCIe Integrity and Data Encryption IDE specification, where insufficient guidance on Transaction Layer Packet TLP ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection. This can enable local or physical...

CVE-2025-9612

An issue was discovered in the PCI Express PCIe Integrity and Data Encryption IDE specification, where insufficient guidance on Transaction Layer Packet TLP ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection. This can enable local or physical...

CVE-2025-9612 CVE-2025-9612

An issue was discovered in the PCI Express PCIe Integrity and Data Encryption IDE specification, where insufficient guidance on Transaction Layer Packet TLP ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection. This can enable local or physical...

CVE-2025-9612

CVE-2025-9612 concerns the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification. The issue is that insufficient guidance on Transaction Layer Packet (TLP) ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection, enabling local or physi...

CVE-2025-57174

An issue was discovered in Siklu Communications Etherhaul 8010TX and 1200FX devices, Firmware 7.4.0 through 10.7.3 and possibly other previous versions. The rfpiped service listening on TCP port 555 which uses static AES encryption keys hardcoded in the binary. These keys are identical across all...

CVE-2025-2796

On affected platforms with hardware IPSec support running Arista EOS with IPsec enabled and anti-replay protection configured, EOS may exhibit unexpected behavior in specific cases. Received duplicate encrypted packets, which should be dropped under normal anti-replay protection, will instead be...