CVE-2025-63811

An issue was discovered in dvsekhvalnov jose2go 1.5.0 thru 1.7.0 allowing an attacker to cause a Denial-of-Service DoS via crafted JSON Web Encryption JWE token with an exceptionally high compression ratio...

UBUNTU-CVE-2025-63811

An issue was discovered in dvsekhvalnov jose2go 1.5.0 thru 1.7.0 allowing an attacker to cause a Denial-of-Service DoS via crafted JSON Web Encryption JWE token with an exceptionally high compression ratio...

CVE-2025-63289

Sogexia Android App Compile Affected SDK v35, Max SDK 32 and fixed in v36, was discovered to contain hardcoded encryption keys in the encryptionhelper.dart file...

kernel: crypto: xts - Handle EBUSY correctly

A flaw use after free in the Linux kernel XTS XOR Encrypt XOR with ciphertext stealing crypto Kernel module was found in the way privileges user triggers XTS crypto API in specific way. A local user could use this flaw to crash the system or potentially escalate their privileges on the system...

CVE-2025-63811

An issue was discovered in dvsekhvalnov jose2go 1.5.0 thru 1.7.0 allowing an attacker to cause a Denial-of-Service DoS via crafted JSON Web Encryption JWE token with an exceptionally high compression ratio...

EulerOS 2.0 SP10 : krb5 (EulerOS-SA-2025-2391)

According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5...

CVE-2025-63811

An issue was discovered in dvsekhvalnov jose2go 1.5.0 thru 1.7.0 allowing an attacker to cause a Denial-of-Service DoS via crafted JSON Web Encryption JWE token with an exceptionally high compression ratio...

Sogexia Android App 安全漏洞

Sogexia Android App is a payment account management mobile application from Sogexia Luxembourg. A security vulnerability exists in Sogexia Android App that originates from the inclusion of hard-coded encryption keys in the encryptionhelper.dart file...

DuckDB 加密问题漏洞

DuckDB is an in-process SQL OLAP database management system from DuckDB open source. A cryptographic issue vulnerability exists in DuckDB versions 1.4.0 through prior to 1.4.2, which stems from a cryptographic implementation issue that could lead to key disclosure or bypass integrity checks...

CVE-2025-63811

CVE-2025-63811 affects dvsekhvalnov/jose2go (version range 1.5.0 through 1.7.0). The issue allows a Denial-of-Service via a crafted JSON Web Encryption (JWE) token with an exceptionally high compression ratio. The connected OSV entry GO-2025-4123 explicitly references this DoS scenario in the jos...

CVE-2025-63289

Sogexia Android App Compile Affected SDK v35, Max SDK 32 and fixed in v36, was discovered to contain hardcoded encryption keys in the encryptionhelper.dart file...

CVE-2025-63289

Sogexia Android App Compile Affected SDK v35, Max SDK 32 and fixed in v36, was discovered to contain hardcoded encryption keys in the encryptionhelper.dart file...

jose2go 安全漏洞

jose2go is a Golang-implemented Javascript object signing and encryption specification for DV individual developers. A security vulnerability exists in jose2go versions 1.5.0 through 1.7.0, which stems from a specially crafted JWE token that could lead to a denial of service...

CVE-2025-63289

CVE-2025-63289 affects the Sogexia Android App: Compile Affected SDK v35, Max SDK 32, with a fix in v36. The vulnerability arises from hardcoded encryption keys in the encryption_helper.dart file, which could impact data confidentiality and integrity. Remediation: update to SDK version 36 (or the...

EulerOS 2.0 SP10 : krb5 (EulerOS-SA-2025-2419)

According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5...

PT-2025-46723

Name of the Vulnerable Software and Affected Versions DuckDB versions 1.4.0 through 1.4.1 Description DuckDB, a SQL database management system, contains issues related to its block-based encryption implementation introduced in version 1.4.0. The system can fall back to an insecure random number...

EUVD-2025-50796

Inappropriate implementation in App-Bound Encryption in Google Chrome on Windows prior to 142.0.7444.59 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...

CVE-2025-12439

Inappropriate implementation in App-Bound Encryption in Google Chrome on Windows prior to 142.0.7444.59 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...

CVE-2025-12439

Inappropriate implementation in App-Bound Encryption in Google Chrome on Windows prior to 142.0.7444.59 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...

CVE-2025-12439

Inappropriate implementation in App-Bound Encryption in Google Chrome on Windows prior to 142.0.7444.59 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...