9040 matches found
CVE-2026-28205
OpenPLCV3 is vulnerable to an Initialization of a Resource with an Insecure Default vulnerability which could allow an attacker to gain access to the system by bypassing authentication via an API...
CVE-2026-33773
An Incorrect Initialization of Resource vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on specific EX Series and QFX Series device allows an unauthenticated, network-based attacker to cause an integrity impact to downstream networks. When the same family inet or...
EUVD-2026-21180
In wolfSSL, ARIA-GCM cipher suites used in TLS 1.2 and DTLS 1.2 reuse an identical 12-byte GCM nonce for every application-data record. Because wcAriaEncrypt is stateless and passes the caller-supplied IV verbatim to the MagicCrypto SDK with no internal counter, and because the explicit IV is...
CVE-2026-5446
In wolfSSL, ARIA-GCM cipher suites used in TLS 1.2 and DTLS 1.2 reuse an identical 12-byte GCM nonce for every application-data record. Because wcAriaEncrypt is stateless and passes the caller-supplied IV verbatim to the MagicCrypto SDK with no internal counter, and because the explicit IV is...
CVE-2026-5446 wolfSSL ARIA-GCM TLS 1.2/DTLS 1.2 GCM nonce reuse
In wolfSSL, ARIA-GCM cipher suites used in TLS 1.2 and DTLS 1.2 reuse an identical 12-byte GCM nonce for every application-data record. Because wcAriaEncrypt is stateless and passes the caller-supplied IV verbatim to the MagicCrypto SDK with no internal counter, and because the explicit IV is...
CVE-2026-35523
Strawberry GraphQL is a library for creating GraphQL APIs. Strawberry up until version 0.312.3 is vulnerable to an authentication bypass on WebSocket subscription endpoints. The legacy graphql-ws subprotocol handler does not verify that a connectioninit handshake has been completed before...
CVE-2026-28205
OpenPLCV3 is vulnerable to an Initialization of a Resource with an Insecure Default vulnerability which could allow an attacker to gain access to the system by bypassing authentication via an API...
CVE-2026-28205 Initialization of a resource with an insecure default in OpenPLC_V3
OpenPLCV3 is vulnerable to an Initialization of a Resource with an Insecure Default vulnerability which could allow an attacker to gain access to the system by bypassing authentication via an API...
CVE-2026-28205 Initialization of a resource with an insecure default in OpenPLC_V3
OpenPLCV3 is vulnerable to an Initialization of a Resource with an Insecure Default vulnerability which could allow an attacker to gain access to the system by bypassing authentication via an API...
CVE-2026-28205
OpenPLCV3 is vulnerable to an Initialization of a Resource with an Insecure Default vulnerability which could allow an attacker to gain access to the system by bypassing authentication via an API...
CVE-2026-28205
Technical details beyond the description are not publicly provided in the supplied documents. Monitor for updates on affected versions, root cause, and remediation.
PT-2026-31736
In wolfSSL, ARIA-GCM cipher suites used in TLS 1.2 and DTLS 1.2 reuse an identical 12-byte GCM nonce for every application-data record. Because wc AriaEncrypt is stateless and passes the caller-supplied IV verbatim to the MagicCrypto SDK with no internal counter, and because the explicit IV is...
OpenPLC Runtime version 3 安全漏洞
OpenPLC Runtime version 3 is a programmable logic controller developed by Thiago Alves. There is a security vulnerability in OpenPLC Runtime version 3, which stems from the use of unsafe default values during resource initialization. This vulnerability could allow attackers to access the system...
PT-2026-31747
An Incorrect Initialization of Resource vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on specific EX Series and QFX Series device allows an unauthenticated, network-based attacker to cause an integrity impact to downstream networks. When the same family inet or...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006653)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006653 advisory. In the Linux kernel, the following vulnerability has been resolved: virtionet: Fix error unwinding of XDP initialization When initializing XDP in virtnetopen, some r...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006695)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006695 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Initialize the chanstats array to zero The adapter-chanstats array is initialized ...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006790)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006790 advisory. In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006650)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006650 advisory. In the Linux kernel, the following vulnerability has been resolved: rtc: cmos: Fix event handler registration ordering issue Because acpiinstallfixedeventhandler...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006783)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006783 advisory. In the Linux kernel, the following vulnerability has been resolved: ARM: rockchip: fix kernel hang during smp initialization In order to bring up secondary CPUs main...
PYSEC-2026-133
Strawberry GraphQL is a library for creating GraphQL APIs. Strawberry up until version 0.312.3 is vulnerable to an authentication bypass on WebSocket subscription endpoints. The legacy graphql-ws subprotocol handler does not verify that a connectioninit handshake has been completed before...