CVE-2025-27070

Memory corruption while performing encryption and decryption commands...

CVE-2025-27070 Out-of-bounds Write in Windows Compute

Memory corruption while performing encryption and decryption commands...

CVE-2025-27070 Out-of-bounds Write in Windows Compute

Memory corruption while performing encryption and decryption commands...

CVE-2025-27070

CVE-2025-27070 is listed under Qualcomm closed-source components as a High-severity issue involving memory corruption during encryption and decryption commands. The available documents identify the vulnerability and its association with Qualcomm closed-source components, but do not provide a spec...

Qualcomm Chipsets 缓冲区错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A buffer error vulnerability exists in Qualcomm Chipsets that originates from a memory corruption when executing encryption and decryption commands...

PT-2025-44991

Name of the Vulnerable Software and Affected Versions CFMOTO RIDE affected versions not specified Description An Insecure Direct Object Reference IDOR vulnerability exists in the vehicleId parameter, allowing unauthorized access to sensitive information of other users’ vehicles. Exploiting this...

PT-2025-44922

Name of the Vulnerable Software and Affected Versions Windows Compute affected versions not specified Description A memory corruption issue exists when performing encryption and decryption commands. This can lead to an out-of-bounds write condition. Recommendations At the moment, there is no...

TencentOS Server 4: edk2 (TSSA-2025:0850)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0850 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

PHPGurukul News Portal 安全漏洞

News Portal is a news portal. News Portal has a hard-coded vulnerability that stems from the use of a fixed encryption key for the handling of the SECRETKEY parameter in the file /onps/settings.py. An attacker could exploit this vulnerability to obtain sensitive system information...

[SECURITY] Fedora 42 Update: openbao-2.4.3-1.fc42

Openbao secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Openbao handles leasing, key revocation, key rolling, and auditing. Through a unified API, us ers can access an encrypted Key/Value store and network...

CVE-2025-63675

cryptidy through 1.2.4 allows code execution via untrusted data because pickle.loads is used. This occurs in aesdecryptmessage in symmetricencryption.py...

OESA-2025-2612 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write.Impact summary:...

Chromium: CVE-2025-12439 Inappropriate implementation in App-Bound Encryption

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2025-54471

NeuVector used a hard-coded cryptographic key embedded in the source code. At compilation time, the key value was replaced with the secret key value and used to encrypt sensitive configurations when NeuVector stores the data...

cryptidy allows code execution via untrusted data due to pickle.loads

cryptidy through 1.2.4 allows code execution via untrusted data because pickle.loads is used. This occurs in aesdecryptmessage in symmetricencryption.py...

GHSA-97W9-V595-3H5Q cryptidy allows code execution via untrusted data due to pickle.loads

cryptidy through 1.2.4 allows code execution via untrusted data because pickle.loads is used. This occurs in aesdecryptmessage in symmetricencryption.py...

CVE-2025-63675

cryptidy through 1.2.4 allows code execution via untrusted data because pickle.loads is used. This occurs in aesdecryptmessage in symmetricencryption.py...

[SECURITY] Fedora 43 Update: openbao-2.4.3-1.fc43

Openbao secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Openbao handles leasing, key revocation, key rolling, and auditing. Through a unified API, us ers can access an encrypted Key/Value store and network...

SUSE CVE-2025-12439

Inappropriate implementation in App-Bound Encryption in Google Chrome on Windows prior to 142.0.7444.59 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...

CVE-2025-63675

The vulnerability CVE-2025-63675 affects cryptidy up to version 1.2.4. The root cause is deserialization of untrusted data via pickle.loads in aes_decrypt_message within cryptidy/symmetric_encryption.py, enabling code execution. Multiple sources (Red Hat, OSV, GHSA, Snyk, CVE records) corroborate...