EUVD-2026-33776

In btajvrfcommconnect of btajvact.cc, there is a possible bypass of bonding for a secure connection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0045

CVE-2026-0045 concerns a logic error in the Bluetooth stack: in bta_jv_rfcomm_connect of bta_jv_act.cc , there is a possible bypass of bonding for a secure connection. This could allow local escalation of privilege with no additional execution privileges needed, and requires no user interaction t...

ASB-A-380091558

In btajvrfcommconnect of btajvact.cc, there is a possible bypass of bonding for a secure connection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-48902

The password and username reset features created plain http links for https connections if the "Force SSL" flag wasn't explicitly set...

CVE-2026-31773

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SMP: derive legacy responder STK authentication from MITM state The legacy responder path in smprandom currently labels the stored STK as authenticated whenever pendingseclevel is BTSECURITYHIGH. That reflects what the...

EUVD-2026-26586

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SMP: derive legacy responder STK authentication from MITM state The legacy responder path in smprandom currently labels the stored STK as authenticated whenever pendingseclevel is BTSECURITYHIGH. That reflects what the...

CVE-2026-31773

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SMP: derive legacy responder STK authentication from MITM state The legacy responder path in smprandom currently labels the stored STK as authenticated whenever pendingseclevel is BTSECURITYHIGH. That reflects what the...

PT-2026-36408

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SMP: derive legacy responder STK authentication from MITM state The legacy responder path in smp random currently labels the stored STK as authenticated whenever pending sec level is BT SECURITY HIGH. That reflects wha...

openjdk: Enhance TLS connection handling (Oracle CPU 2026-04)

No description is available for this CVE...

Security Bulletin: Race Condition in Eclipse Jersey (Versions 2.45, 3.0.16, 3.1.9) May Bypass Critical SSL Configurations and Compromise Secure Connections, affects watsonx.data

Summary In Eclipse Jersey versions 2.45, 3.0.16, 3.1.9 a race condition can cause ignoring of critical SSL configurations - such as mutual authentication, custom key/trust stores, and other security settings. This issue may result in SSLHandshakeException under normal circumstances, but under...

MiracleLinux 7 : 389-ds-base-1.3.8.4-25.1.el7 (AXSA:2019-3946:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-3946:02 advisory. 389-ds-base: DoS via hanging secured connections CVE-2019-3883 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : java-1.8.0-openjdk-1.8.0.452.b09-2.el8 (AXSA:2025-9868:07)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9868:07 advisory. JDK: Better TLS connection support CVE-2025-21587 JDK: Improve compiler transformations CVE-2025-30691 JDK: Enhance Buffered Image handling...

CLSA-2025-1767028399 java-11-openjdk: Fix of 5 CVEs

Upgrade to openjdk-11.0.29+7 GA. The following CVEs were fixed: - CVE-2023-48161: fix buffer overflow vulnerability - CVE-2024-21147: RangeCheckElimination array index overflow - CVE-2025-21587: fix TLS connection support to avoid unauthorized access to critical data - CVE-2025-53057: enhance...

CVE-2025-40801

A vulnerability has been identified in COMOS V10.6 All versions V10.6.1, COMOS V10.6 All versions V10.6.1, JT Bi-Directional Translator for STEP All versions, NX V2412 All versions V2412.8900 with Cloud Entitlement bundled as NX X, NX V2506 All versions V2506.6000 with Cloud Entitlement bundled a...

EUVD-2019-3417

Malware in sbrugna...

EUVD-2022-30476

Malicious code in bioql PyPI...

EUVD-2022-30477

Malicious code in bioql PyPI...

EUVD-2024-17376

Malicious code in bioql PyPI...

EUVD-2022-39595

Malicious code in bioql PyPI...

Crypt-SSLeay

This is a Perl module called Crypt::SSLeay, which provides OpenSSL support for LWP Library for WWW in Perl. The module is used to handle SSL/TLS connections and is part of the LWP distribution. The module has a version of 0.7304 and is maintained by A. Sinan Unur, David Landgren, Joshua Chamas, a...