UBUNTU-CVE-2023-53554

In the Linux kernel, the following vulnerability has been resolved: staging: ks7010: potential buffer overflow in kswlansetencodeext The "exc-keylen" is a u16 that comes from the user. If it's over IWENCODINGTOKENMAX 64 that could lead to memory corruption...

CVE-2023-53575

In CVE-2023-53575, the Linux kernel wifi driver (iwlwifi, mvm) fixes a potential array out-of-bounds access by accounting for IWL_SEC_WEP_KEY_OFFSET when verifying key_len in iwl_mvm_sec_key_add(). The fix is implemented in the kernel code referenced in the stable commits: https://git.kernel.org/...

CVE-2023-53575 wifi: iwlwifi: mvm: fix potential array out of bounds access

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix potential array out of bounds access Account for IWLSECWEPKEYOFFSET when needed while verifying keylen size in iwlmvmseckeyadd...

CVE-2023-53575 wifi: iwlwifi: mvm: fix potential array out of bounds access

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix potential array out of bounds access Account for IWLSECWEPKEYOFFSET when needed while verifying keylen size in iwlmvmseckeyadd...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly validating the keylen size, which could lead to out-of-bounds access to arrays...

PT-2025-40696

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the ks7010 driver. Specifically, a potential buffer overflow can occur within the ks wlan set encode ext function. The issue arises because t...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not verifying the length of a user-entered key, which could lead to memory corruption...

EUVD-2025-6219

Malicious code in bioql PyPI...

EUVD-2024-30545

Malicious code in bioql PyPI...

Debian dla-4310 : ceph - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4310 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4310-1 [email protected]...

pyjwt v2.10.1 was discovered to contain weak encryption. NOTE: this is disputed by the Supplier because the key length is chosen by the application that uses the library (admittedly, library users may benefit from a minimum value and a mechanism for opting in to strict enforcement).

...

Linux Distros Unpatched Vulnerability : CVE-2023-5363

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: A bug has been identified in the processing of key and initialisation vector IV lengths. This can lead to potential truncation or overruns during...

Linux Distros Unpatched Vulnerability : CVE-2022-38493

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rhonabwy 0.9.99 through 1.1.x before 1.1.7 doesn't check the RSA private key length before RSA-OAEP decryption. This allows attackers to cause a Denial of Servi...

Linux Distros Unpatched Vulnerability : CVE-2024-38579

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: bcm - Fix pointer arithmetic In spu2dumpomd value of ptr is increased by ciphkeylen instead of hashivlen which could lead to going beyond the buffer...

SUSE CVE-2025-45766

poco v1.14.1-release was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is...

Linux Distros Unpatched Vulnerability : CVE-2025-37789

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: openvswitch: fix nested key length validation in the set action It's not safe to access nlalenovskey if the data is smaller than the netlink header. Check...

PT-2025-32202 · Poco +1 · Poco +1

Name of the Vulnerable Software and Affected Versions: poco version 1.14.1-release Description: poco version 1.14.1-release was discovered to contain weak encryption. There is a dispute regarding this issue, with some arguing that key lengths are expected to be set by the application using the...

PYSEC-2025-183

pyjwt v2.10.1 was discovered to contain weak encryption. NOTE: this is disputed by the Supplier because the key length is chosen by the application that uses the library admittedly, library users may benefit from a minimum value and a mechanism for opting in to strict enforcement...

PYSEC-2025-183

pyjwt v2.10.1 was discovered to contain weak encryption. NOTE: this is disputed by the Supplier because the key length is chosen by the application that uses the library admittedly, library users may benefit from a minimum value and a mechanism for opting in to strict enforcement...

DEBIAN-CVE-2025-45768

pyjwt v2.10.1 was discovered to contain weak encryption. NOTE: this is disputed by the Supplier because the key length is chosen by the application that uses the library admittedly, library users may benefit from a minimum value and a mechanism for opting in to strict enforcement...