openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

A flaw was found in the OpenSSL CMS implementation RFC 3211 KEK Unwrap. This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption PWRI...

PT-2026-3475

Name of the Vulnerable Software and Affected Versions ESPHome versions 2025.9.0 through 2025.12.6 Description ESPHome is a system for remote microcontroller control via Home Automation systems. An integer overflow in the API component’s protobuf decoder can lead to denial-of-service attacks when...

MiracleLinux 7 : samba-4.2.10-7.el7 (AXSA:2016-578:06)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-578:06 advisory. Samba is the standard Windows interoperability suite of programs for Linux and Unix. Security issues fixed with this release: CVE-2016-2119...

Post-Quantum Secure Aggregation Via Code-Based Homomorphic Encryption

Secure aggregation enables aggregation of inputs from multiple parties without revealing individual contributions to the server or other clients. Existing post-quantum approaches based on homomorphic encryption offer practical efficiency but predominantly rely on lattice-based hardness assumption...

MiracleLinux 4 : java-1.7.0-openjdk-1.7.0.161-2.6.12.0.AXS4 (AXSA:2017-2469:04)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2469:04 advisory. Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to...

crypto: seqiv - Do not use req->iv after crypto_aead_encrypt

...

CVE-2025-64769

The Process Optimization application suite leverages connection channels/protocols that by-default are not encrypted and could become subject to hijacking or data leakage in certain man-in-the-middle or passive inspection scenarios...

SUSE CVE-2020-14799

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Encryption. Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001503)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001503 advisory. Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service NULL pointer dereference or possibly gai...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001628)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001628 advisory. crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AFALG-based AEAD interface...

MiracleLinux 7 : xmlsec1-1.2.20-7.el7 (AXSA:2017-1915:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1915:01 advisory. XML Security Library is a C library based on LibXML2 and OpenSSL. The library was created with a goal to support major XML security standards XML Digital...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001479)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001479 advisory. u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility ...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001548)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001548 advisory. An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference in fscryptdopagecrypto in fs/crypto/crypto.c when operating on a fil...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004415)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004415 advisory. A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000959)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000959 advisory. A missing authorization check in the fscryptprocesspolicy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel befor...

MiracleLinux 7 : java-1.7.0-openjdk-1.7.0.161-2.6.12.0.0.1.el7.AXS7 (AXSA:2017-2478:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2478:04 advisory. Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to...

MiracleLinux 7 : ipa-4.4.0-14.6.0.1.el7.AXS7 (AXSA:2017-1334:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1334:03 advisory. IPA is an integrated solution to provide centrally managed Identity users, hosts, services, Authentication SSO, 2FA, and Authorization host access control,...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.151-1.b12.el7 (AXSA:2017-2339:07)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2339:07 advisory. Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to...

openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

A flaw was found in the OpenSSL CMS implementation RFC 3211 KEK Unwrap. This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption PWRI...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002301)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002301 advisory. A missing authorization check in the fscryptprocesspolicy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel befor...