IBM Aspera Console Encryption Issue Vulnerability
IBM Aspera Console is a Web-based application from International Business Machines (IBM). It allows users to centrally manage, monitor and control Aspera servers nodes and transports. An encryption issue vulnerability exists in IBM Aspera Console 3.4.4 and prior versions, which stems from the use of a...
BIT-HUBBLE-RELAY-2025-32793 Cilium packets from terminating endpoints may not be encrypted in Wireguard-enabled clusters
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.15.0 to 1.15.15, 1.16.0 to 1.16.8, and 1.17.0 to 1.17.2 are vulnerable: when using Wireguard transparent encryption in a Cilium cluster, packets that originate from a terminating endpoint can lea...
RabbitMQ 3.8.x < 3.8.32 / 3.9.x < 3.9.18 / 3.10.x < 3.10.2 Predictable credential obfuscation
The version of RabbitMQ installed on the remote host is 3.8.x prior to 3.8.32, 3.9.x prior to 3.9.18, or 3.10.x prior to 3.10.2. It is, therefore, affected by a vulnerability: - RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins...
Qualcomm Chipsets Security Vulnerability
Qualcomm Chipsets are a series of chipsets from Qualcomm, Inc. A security vulnerability exists in Qualcomm Chipsets that stems from an encryption issue during PIN password authentication, which could result in bypassing user restrictions...
CVE-2025-2909 Lack of encryption vulnerability in DuoxMe
The lack of encryption in the DuoxMe (formerly Blue) application binary in versions prior to 3.3.1 for iOS devices allows an attacker to gain unauthorised access to the application code and discover sensitive information...
CVE-2025-30472
Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet...
PT-2025-12459
Name of the Vulnerable Software and Affected Versions: Corosync versions 3.1.9 and earlier. Description: The issue is a stack-based buffer overflow in the orf_token_endian_convert function in exec/totemsrp.c via a large UDP packet, which can be exploited if encryption is disabled or the attacker...
Security Bulletin: Vulnerability in elasticsearch affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.
Summary: A potential vulnerability in elasticsearch has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information...
Odyssey CMS Encryption Issue Vulnerability
Odyssey CMS is a content management system from Odyssey, Inc. An encryption issue vulnerability exists in Odyssey CMS version 10.34 and earlier, which stems from the fact that incorrect operation of the parameter g-recaptcha-response can lead to a key management error, which could lead to a local...
Linux Distros Unpatched Vulnerability : CVE-2024-50151
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOBs when building SMB2_IOCTL request When using encryption, either enforced...
Linux Distros Unpatched Vulnerability : CVE-2024-53185
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: smb: client: fix NULL ptr deref in crypto_aead_setkey Neither SMB3.0 or SMB3.02 supports...
Linux Distros Unpatched Vulnerability : CVE-2023-28999
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nextcloud is an open-source productivity platform. In Nextcloud Desktop client 3.0.0 until 3.8.0, Nextcloud Android app 3.13.0 until 3.25.0, and Nextcloud iOS a...
Linux Distros Unpatched Vulnerability : CVE-2023-5992
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential...
Linux Distros Unpatched Vulnerability : CVE-2023-29000
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.7.0, by trusting that the...
Ubuntu: Security Advisory (USN-7317-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux Distros Unpatched Vulnerability : CVE-2012-2146
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Elixir 0.8.0 uses Blowfish in CFB mode without constructing a unique initialization vector (IV), which makes it easier for context-dependent users to obtain...
Linux Distros Unpatched Vulnerability : CVE-2013-7252
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kwalletd in KWallet before KDE Applications 14.12.0 uses Blowfish with ECB mode instead of CBC mode when encrypting the password store, which makes it easier fo...
CVE-2025-24849 Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application Cleartext Transmission of Sensitive Information
Lack of encryption in transit for cloud infrastructure facilitating potential for sensitive data manipulation or exposure...
CVE-2024-50684
SunGrow iSolarCloud Android app V2.1.6.20241017 and prior uses an insecure AES key to encrypt client data (insufficient entropy). This may allow attackers to decrypt intercepted communications between the mobile app and iSolarCloud...
IBM ApplinX Encryption Issue Vulnerability
IBM ApplinX is an International Business Machines (IBM) company focused on converting green screen interfaces into modern web-based applications. A cryptographic issue vulnerability exists in IBM ApplinX version 11.1 that stems from not properly enabling HTTP strict transport. An attacker could...