Lucene search
+L

170 matches found

OSV
OSV
added 2026/07/10 3:41 p.m.4 views

MGASA-2026-0240 Updated vim packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Arbitrary Code Execution via Python Omni-Completion in Vim 9.1.1783 && Vim = 9.2.0320 && Vim 9.2.0679. CVE-2026-57454 Out-of-bounds Write in SOFO Soundfolding in Vim 9.2.0698. CVE-2026-57455 Arbitrary Code Execution via Python Omni-Completion...

8.4CVSS6.2AI score0.00303EPSS
Exploits0References34
OSV
OSV
added 2026/07/07 4:3 p.m.8 views

PYSEC-2026-1448 libsodium has Incomplete List of Disallowed Inputs

libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to cryptocoreed25519isvalidpoint, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group. This advisoory...

4.5CVSS6AI score0.00166EPSS
Exploits0References16
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:17 a.m.17 views

Vim: Out-of-bounds Read with libsodium-encrypted Files

...

5.5CVSS5.8AI score0.0012EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/26 9:46 a.m.2 views

vim: Vim: Out-of-bounds Read with libsodium-encrypted Files

A flaw was found in Vim, an open source command-line text editor. When opening a specially crafted encrypted file using the VimCrypt04! or VimCrypt05! methods, an attacker could trigger an unsigned length calculation error. This issue leads to an out-of-bounds read, causing Vim to crash and...

5.5CVSS6AI score0.0012EPSS
Exploits0References7
NVD
NVD
added 2026/06/25 4:16 p.m.7 views

CVE-2026-57452

Vim is an open source, command line text editor. Prior to 9.2.0671, when Vim opens a file encrypted with the VimCrypt04! or VimCrypt05! method xchacha20poly1305, requires the +sodium feature whose body is shorter than a single libsodium secretstream header, an unsigned length calculation underflo...

5.5CVSS0.0012EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 3:27 p.m.40 views

CVE-2026-57452

Vim (affected: Vim 9.2.x prior to 9.2.0671) is vulnerable when opening files encrypted with VimCrypt~04!/VimCrypt~05! using the libsodium secretstream path, where an unsigned length underflow for bodies shorter than a secretstream header causes a decryption call to read past the input buffer, cra...

5.5CVSS5.9AI score0.0012EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/25 3:27 p.m.4 views

CVE-2026-57452 Vim: Out-of-bounds Read with libsodium-encrypted Files

Vim is an open source, command line text editor. Prior to 9.2.0671, when Vim opens a file encrypted with the VimCrypt04! or VimCrypt05! method xchacha20poly1305, requires the +sodium feature whose body is shorter than a single libsodium secretstream header, an unsigned length calculation underflo...

5.5CVSS6AI score0.0012EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/25 3:27 p.m.52 views

CVE-2026-57452 Vim: Out-of-bounds Read with libsodium-encrypted Files

Vim is an open source, command line text editor. Prior to 9.2.0671, when Vim opens a file encrypted with the VimCrypt04! or VimCrypt05! method xchacha20poly1305, requires the +sodium feature whose body is shorter than a single libsodium secretstream header, an unsigned length calculation underflo...

5.5CVSS0.0012EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/06/25 3:27 p.m.8 views

CVE-2026-57452

Vim is an open source, command line text editor. Prior to 9.2.0671, when Vim opens a file encrypted with the VimCrypt04! or VimCrypt05! method xchacha20poly1305, requires the +sodium feature whose body is shorter than a single libsodium secretstream header, an unsigned length calculation underflo...

5.5CVSS5.9AI score0.0012EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.18 views

PT-2026-52477

Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0671 Description When opening a file encrypted using the VimCrypt04! or VimCrypt05! methods which utilize xchacha20poly1305 and require the +sodium feature, an unsigned length calculation underflows if the file body i...

7.8CVSS5.7AI score0.00137EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.12 views

EulerOS Virtualization 2.10.1 : libsodium (EulerOS-SA-2026-2026)

According to the versions of the libsodium package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to...

4.5CVSS5.5AI score0.00166EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.13 views

EulerOS Virtualization 2.10.0 : libsodium (EulerOS-SA-2026-2053)

According to the versions of the libsodium package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to...

4.5CVSS5.5AI score0.00166EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.14 views

EulerOS Virtualization 2.13.1 : libsodium (EulerOS-SA-2026-2136)

According to the versions of the libsodium package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to...

4.5CVSS5.6AI score0.00166EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.13 views

EulerOS Virtualization 2.13.0 : libsodium (EulerOS-SA-2026-2175)

According to the versions of the libsodium package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to...

4.5CVSS5.6AI score0.00166EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.7 views

SUSE SLES16 Security Update : python-PyNaCl (SUSE-SU-2026:21431-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:21431-1 advisory. Security fixes: - CVE-2025-69277: incorrect validation of elliptic curve points certain custom cryptography or untrusted data to...

4.5CVSS5.8AI score0.00166EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 5:56 p.m.6 views

Security Bulletin:libsodium vulnerability: invalid elliptic curve point validation in crypto_core_ed25519_is_valid_point

Summary libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to cryptocoreed25519isvalidpoint, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group...

4.5CVSS5.9AI score0.00166EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.5 views

openSUSE 16 Security Update : python-PyNaCl (openSUSE-SU-2026:20650-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20650-1 advisory. Security fixes: - CVE-2025-69277: incorrect validation of elliptic curve points certain custom cryptography or untrusted data to...

4.5CVSS5.8AI score0.00166EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.8 views

openSUSE 16 Security Update : libsodium (openSUSE-SU-2026:20642-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20642-1 advisory. Security fixes: - CVE-2025-15444: Cryptographic bypass via improper elliptic curve point validation bsc1256070. - CVE-2025-69277: incorrect...

9.8CVSS5.9AI score0.00228EPSS
Exploits0References6
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/30 12:0 a.m.5 views

Security update for python-PyNaCl (moderate)

openSUSE security update: security update for python-pynacl ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20650-1 Rating: moderate References: bsc1161557 bsc1199282 bsc1255764 Cross-References: CVE-2025-69277 CVSS scores: CVE-2025-69277 SUSE : 4.4...

4.8CVSS6.1AI score0.00166EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/30 12:0 a.m.7 views

Security update for libsodium (moderate)

openSUSE security update: security update for libsodium ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20642-1 Rating: moderate References: bsc1255764 bsc1256070 Cross-References: CVE-2025-15444 CVE-2025-69277 CVSS scores: CVE-2025-15444 SUSE : 6.8...

6.8CVSS5.5AI score0.00228EPSS
Exploits0References2
Rows per page
Query Builder