157 matches found
Astra Linux – Vulnerability in Heimdal
The fix for CVE-2022-3437 involved changing the memcmp function to run in constant time, as well as providing a workaround for a compiler bug by adding comparisons of the result with the value “!= 0” to the memcmp function. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0...
openssl: AES-OCB IV Ignored on EVP_Cipher() Path
A flaw was found in OpenSSL. Applications that use the AES-OCB encryption method with a specific one-shot interface EVPCipher will have their provided Initialization Vector IV silently discarded. This leads to the same internal cryptographic value being used repeatedly, which compromises the...
Corosync 输入验证错误漏洞
Corosync is an open-source cluster engine developed by The Corosync Cluster Engine. Corosync has a vulnerability in input validation, which stems from integer overflows in the message integrity verification process. This vulnerability may lead to service crashes and denial-of-service attacks...
CVE-2026-26275 httpsig-hyper has Improper Digest Verification that May Allow Message Integrity Bypass
httpsig-hyper is a hyper extension for http message signatures. An issue was discovered in httpsig-hyper prior to version 0.0.23 where Digest header verification could incorrectly succeed due to misuse of Rust's matches! macro. Specifically, the comparison if matches!digest, expecteddigest treate...
CVE-2026-26275 httpsig-hyper has Improper Digest Verification that May Allow Message Integrity Bypass
httpsig-hyper is a hyper extension for http message signatures. An issue was discovered in httpsig-hyper prior to version 0.0.23 where Digest header verification could incorrectly succeed due to misuse of Rust's matches! macro. Specifically, the comparison if matches!digest, expecteddigest treate...
Improper Digest Verification in httpsig-hyper May Allow Message Integrity Bypass
Impact An issue was discovered in httpsig-hyper where Digest header verification could incorrectly succeed due to misuse of Rust's matches! macro. Specifically, the comparison: rust if matches!digest, expecteddigest treated expecteddigest as a pattern binding rather than a value comparison,...
EulerOS Virtualization 2.13.0 : krb5 (EulerOS-SA-2025-2582)
According to the versions of the krb5 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesse...
Unity Linux 20.1070e Security Update: krb5 (UTSA-2025-991244)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991244 advisory. A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If...
CVE-2023-53769
In the Linux kernel, the following vulnerability has been resolved: virt/coco/sev-guest: Double-buffer messages The encryption algorithms read and write directly to shared unencrypted memory, which may leak information as well as permit the host to tamper with the message integrity. Instead, copy...
CVE-2023-53769
In the Linux kernel, the following vulnerability has been resolved: virt/coco/sev-guest: Double-buffer messages The encryption algorithms read and write directly to shared unencrypted memory, which may leak information as well as permit the host to tamper with the message integrity. Instead, copy...
EulerOS 2.0 SP10 : krb5 (EulerOS-SA-2025-2391)
According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5...
F5 BIG-IP TMM Data Tampering Vulnerability
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. A data tampering vulnerability exists in the TMM module of BIG-IP, which arises because undisclosed traffic can lead to data...
EUVD-2025-34644
On BIG-IP systems, undisclosed traffic can cause data corruption and unauthorized data modification in protocols which do not have message integrity protection. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
PT-2025-42340
Name of the Vulnerable Software and Affected Versions BIG-IP systems affected versions not specified Description Undisclosed traffic can lead to data corruption and unauthorized data modification in protocols lacking message integrity protection. Software versions that have reached End of Technic...
F5 BIG-IP 安全漏洞
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. A data tampering vulnerability exists in the TMM module of BIG-IP, which arises because undisclosed traffic can lead to data...
EUVD-2020-29891
Malware in sbrugna...
EUVD-2020-2587
Malware in sbrugna...
EUVD-2021-24163
Malware in sbrugna...
EUVD-2019-18529
Malware in sbrugna...
EUVD-2018-19029
Malware in sbrugna...