Hanwha Vision IP Cameras 安全漏洞

Hanwha Vision IP Cameras are a series of webcams from Hanwha Vision, a South Korean company. A security vulnerability exists in Hanwha Vision IP Cameras, which stems from the use of a hard-coded encryption key for sensitive information in Device Manager, which can be used by an attacker to decryp...

PT-2025-53451

Name of the Vulnerable Software and Affected Versions DVP-12SE affected versions not specified Description The DVP-12SE device transmits sensitive information in cleartext via the Modbus/TCP protocol. This allows potential attackers to intercept and read sensitive data. The device does not employ...

CVE-2023-53996

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Make encdechypercall accept a size instead of npages encdechypercall accepted a page count instead of a size, which forced its callers to round up. As a result, non-page aligned vaddrs caused pages to be spuriously marke...

SUSE CVE-2023-53996

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Make encdechypercall accept a size instead of npages encdechypercall accepted a page count instead of a size, which forced its callers to round up. As a result, non-page aligned vaddrs caused pages to be spuriously marke...

Unspecified Vulnerability in RiteCMS

RiteCMS is an open source content management system based on php and sqlite. An unspecified vulnerability exists in RiteCMS that stems from the use of insecure encryption to store passwords. No detailed vulnerability details are provided at this time...

Apache StreamPark Weak Algorithm Vulnerability

Apache StreamPark is the United States Apache Apache Foundation of a streaming media application development framework. Apache StreamPark suffers from a weak algorithmic vulnerability that stems from the use of weak encryption algorithms, which can be exploited by an attacker to expose sensitive...

Apache StreamPark Security Bypass Vulnerability

Apache StreamPark is the United States Apache Apache Foundation of a streaming media application development framework. Apache StreamPark suffers from a security bypass vulnerability due to the use of a fixed, immutable encryption key. An attacker could exploit the vulnerability to decrypt...

CVE-2023-53996

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Make encdechypercall accept a size instead of npages encdechypercall accepted a page count instead of a size, which forced its callers to round up. As a result, non-page aligned vaddrs caused pages to be spuriously marke...

CVE-2023-53996

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Make encdechypercall accept a size instead of npages encdechypercall accepted a page count instead of a size, which forced its callers to round up. As a result, non-page aligned vaddrs caused pages to be spuriously marke...

UBUNTU-CVE-2023-53996

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Make encdechypercall accept a size instead of npages encdechypercall accepted a page count instead of a size, which forced its callers to round up. As a result, non-page aligned vaddrs caused pages to be spuriously marke...

CVE-2023-53996

CVE-2023-53996 : In the Linux kernel, a bug in x86/sev handling caused live migration corruption when encryption status was computed. The function enc_dec_hypercall() previously used a page count instead of a size, forcing callers to round up and causing non-page-aligned vaddrs to be treated as d...

CVE-2023-53996 x86/sev: Make enc_dec_hypercall() accept a size instead of npages

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Make encdechypercall accept a size instead of npages encdechypercall accepted a page count instead of a size, which forced its callers to round up. As a result, non-page aligned vaddrs caused pages to be spuriously marke...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that encdechypercall accepts page counts instead of sizes, which could result in page mislabeling...

PT-2025-52953

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The enc dec hypercall function accepted a page count instead of a size, requiring callers to round up values. This resulted in incorrect marking of pages as decrypted during live migrati...

Improper Authentication

github.com/edgelesssys/contrast is vulnerable to Improper Authentication. The vulnerability is due to unauthenticated LUKS2 volume metadata and support for null key-encryption algorithms, which allows an attacker to craft a malicious volume that opens with any passphrase and captures all written...

Passwd: A walkthrough of the Google Workspace Password Manager

Passwd is designed specifically for organizations operating within Google Workspace. Rather than competing as a general consumer password manager, its purpose is narrow, and business-focused: secure credential storage, controlled sharing, and seamless Workspace integration. The platform emphasize...

Power Side-Channel Analysis of the CVA6 RISC-V Core at the RTL Level Using VeriSide

Security in modern RISC-V processors demands more than functional correctness: It requires resilience to side-channel attacks. This paper evaluates the vulnerability of the side channel of the CVA6 RISC-V core by analyzing software-based AES encryption uses an RTL-level power profiling framework...

Satellite Cybersecurity across Orbital Altitudes: Analyzing Ground-Based Threats to LEO, MEO, and GEO

The rapid proliferation of satellite constellations, particularly in Low Earth Orbit LEO, has fundamentally altered the global space infrastructure, shifting the risk landscape from purely kinetic collisions to complex cyber-physical threats. While traditional safety frameworks focus on debris...

GO-2025-4250 Amazon S3 Encryption Client has a Key Commitment Issue in github.com/aws/amazon-s3-encryption-client-go

Amazon S3 Encryption Client has a Key Commitment Issue in github.com/aws/amazon-s3-encryption-client-go...

CVE-2025-61739 Johnson Controls IQ Panels2, 2+, IQHub, IQPanel 4, PowerG reusing a nonce, key pair in encryption

Due to Nonce reuse, attackers can perform reply attack or decrypt captured packets...