EUVD-2024-38271

Malicious code in bioql PyPI...

SUSE CVE-2022-50436

In the Linux kernel, the following vulnerability has been resolved: ext4: don't set up encryption key during jbd2 transaction Commit a80f7fcf1867 "ext4: fixup ext4fctrack functions' signature" extended the scope of the transaction in ext4unlink too far, making it include the call to ext4findentry...

Out-of-bounds read & write in RFC 3211 KEK Unwrap

...

SUSE: Security Advisory (SUSE-SU-2025:03441-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-50436

In the Linux kernel, the following vulnerability has been resolved: ext4: don't set up encryption key during jbd2 transaction Commit a80f7fcf1867 "ext4: fixup ext4fctrack functions' signature" extended the scope of the transaction in ext4unlink too far, making it include the call to ext4findentry...

UBUNTU-CVE-2022-50436

In the Linux kernel, the following vulnerability has been resolved: ext4: don't set up encryption key during jbd2 transaction Commit a80f7fcf1867 "ext4: fixup ext4fctrack functions' signature" extended the scope of the transaction in ext4unlink too far, making it include the call to ext4findentry...

CVE-2022-50436

CVE-2022-50436 : Linux kernel ext4 had a deadlock risk when ext4_unlink() extended the jbd2 transaction scope, because ext4_find_entry() could require setting up the directory encryption key inside a transaction. The fix restores the transaction to its original scope, preventing the deadlock. The...

CVE-2022-50436 ext4: don't set up encryption key during jbd2 transaction

In the Linux kernel, the following vulnerability has been resolved: ext4: don't set up encryption key during jbd2 transaction Commit a80f7fcf1867 "ext4: fixup ext4fctrack functions' signature" extended the scope of the transaction in ext4unlink too far, making it include the call to ext4findentry...

CVE-2022-50436 ext4: don't set up encryption key during jbd2 transaction

In the Linux kernel, the following vulnerability has been resolved: ext4: don't set up encryption key during jbd2 transaction Commit a80f7fcf1867 "ext4: fixup ext4fctrack functions' signature" extended the scope of the transaction in ext4unlink too far, making it include the call to ext4findentry...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from setting an encryption key during a jbd2 transaction, which could result in a deadlock...

PT-2025-40121

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue was identified in the Linux kernel related to ext4 filesystem handling. A commit extended the transaction scope in ext4 unlink too far, including a call to ext4 find entry. This...

CVE-2025-34209

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to 22.0.862 and Application prior to 20.0.2014 VA and SaaS deployments contain Docker images with the private GPG key and passphrase for the account no‑reply+virtual‑[email protected]. The key is stored in cleartext and the...

CVE-2025-9230

Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a...

CVE-2025-34209 Vasion Print (formerly PrinterLogic) Hardcoded GPG Private Key

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to 22.0.862 and Application prior to 20.0.2014 VA and SaaS deployments contain Docker images with the private GPG key and passphrase for the account no‑reply+virtual‑[email protected]. The key is stored in cleartext and the...

CVE-2025-34234 Vasion Print (formerly PrinterLogic) Hardcoded Encryption Private Keys

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contain two hardcoded private keys that are shipped in the application containers printerlogic/pi, printerlogic/printer-admin-api, and printercloud/pi...

Vasion Print Virtual Appliance Host 安全漏洞

Vasion Print Virtual Appliance Host is a print management software from Vasion USA. A security vulnerability exists in Vasion Print Virtual Appliance Host versions prior to 25.1.102, which stems from a hard-coded private key stored in a plaintext file, which could lead to the disclosure of the...

PT-2025-39879

Name of the Vulnerable Software and Affected Versions Vasion Print versions prior to 22.0.862 Vasion Print Application versions prior to 20.0.2014 Description The Vasion Print Virtual Appliance Host and Application contain Docker images with a private GPG key and its passphrase stored in cleartex...

IBM Cognos Controller and IBM Controller Encryption Issues Vulnerabilities

IBM Cognos Controller is an enterprise financial consolidation and reporting software from IBM. A security vulnerability exists in IBM Cognos Controller versions 11.0.0 through 11.0.1 and IBM Controller versions 11.1.0 through 11.1.1, which stems from the use of a hard-coded encryption key to sig...

CVE-2025-60250

Unitree Go2, G1, H1, and B2 devices through 2025-09-20 decrypt BLE packet data by using the df98b715d5c6ed2b25817b6f2554124a key and the 2841ae97419c2973296a0d4bdfe19a4f IV...

CVE-2025-60250

Unitree Go2, G1, H1, and B2 devices have a vulnerability (CVE-2025-60250) where BLE packet data can be decrypted using the specific key df98b715d5c6ed2b25817b6f2554124a and IV 2841ae97419c2973296a0d4bdfe19a4f. Connected sources confirm this cryptographic exposure through 2025-09-20; CVSS shows Ad...