Lucene search
K

158 matches found

Github Security Blog
Github Security Blog
added 2026/02/11 3:13 p.m.9 views

Pion DTLS's usage of random nonce generation with AES GCM ciphers risks leaking the authentication key

Impact Pion DTLS versions v1.0.0 through v3.0.10 use random nonce generation with AES GCM ciphers, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce in a session and a "forbidden attack". Patches Upgrade to v3.1.1 or late...

5.9CVSS5.6AI score0.00619EPSS
Exploits0References8Affected Software3
Spring Security Advisories
Spring Security Advisories
added 2026/02/10 12:0 a.m.7 views

This Week in Spring - February 10th, 2026

Hi, Spring fans! Welcome to another installment of This Week in Spring! It's February 10th, 2026, as I write this from lovely London, UK. I spoke at the local Java User Group here last night, had a wonderful time. Tomorrow, I'm going home. It's been fun, but it's time to conclude this roller...

5.6AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/02/04 4:7 p.m.4 views

CVE-2026-23060 crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec

In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject too-short AAD assoclen8 to match ESP/ESN spec authencesn assumes an ESP/ESN-formatted AAD. When assoclen is shorter than the minimum expected length, cryptoauthencesndecrypt can advance past the end of...

5.7AI score0.00123EPSS
Exploits0References7
Oracle linux
Oracle linux
added 2026/02/03 12:0 a.m.7 views

curl security update

8.12.1-2.el101.2 - openssl: respect system crypto policy for TLS max version RHEL-128923 8.12.1-2.el101.1 - cookie: don't treat the leading slash as trailing CVE-2025-9086 Resolves: RHEL-122689...

7.5CVSS7.5AI score0.01301EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/01/13 10:52 p.m.6 views

CVE-2026-22025

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, when the KMC server returns a non-200 HTTP...

6.3CVSS6.9AI score0.00497EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/13 10:52 p.m.7 views

CVE-2026-21900

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, an out-of-bounds heap read vulnerability in...

8.2CVSS7AI score0.00514EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/13 10:52 p.m.5 views

CVE-2026-21897

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, the CryptoConfigAddGvcidManagedParameters...

7.3CVSS7AI score0.00261EPSS
Exploits0References1
NVD
NVD
added 2026/01/10 1:16 a.m.9 views

CVE-2026-22025

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, when the KMC server returns a non-200 HTTP...

6.3CVSS0.00497EPSS
Exploits1References3
EUVD
EUVD
added 2026/01/10 12:24 a.m.6 views

EUVD-2026-1889

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, the converthexstringtobytearray function in th...

5.7CVSS6.8AI score0.00209EPSS
Exploits1References3
EUVD
EUVD
added 2026/01/10 12:17 a.m.6 views

EUVD-2026-1893

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, there is an out-of-bounds heap read...

8.2CVSS6.3AI score0.00525EPSS
Exploits1References3
EUVD
EUVD
added 2026/01/10 12:14 a.m.5 views

EUVD-2026-1894

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, an out-of-bounds heap read vulnerability in...

8.2CVSS6.6AI score0.00514EPSS
Exploits1References3
OSV
OSV
added 2026/01/10 12:10 a.m.6 views

CVE-2026-21898 CryptoLib Has Out-of-bounds Read in Crypto_AOS_ProcessSecurity

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, the CryptoAOSProcessSecurity function reads...

8.2CVSS6.8AI score0.00414EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/12/10 11:33 a.m.18 views

CVE-2024-56840

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.0, RUGGEDCOM ROX MX5000RE All versions V2.17.0, RUGGEDCOM ROX RX1400 All versions V2.17.0, RUGGEDCOM ROX RX1500 All versions V2.17.0, RUGGEDCOM ROX RX1501 All versions V2.17.0, RUGGEDCOM ROX RX1510 All versions V2.17.0...

7.5CVSS9.4AI score0.00596EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/19 5:20 p.m.5 views

CVE-2025-47761

An Exposed IOCTL with Insufficient Access Control vulnerability CWE-782 vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.9 may allow an authenticated local user to execute unauthorized code via fortips driver. Success of the attack would requi...

7.8CVSS6.8AI score0.00142EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.7 views

Siemens SIMATIC S7-1500 Out-of-bounds Write (CVE-2020-24659)

An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a norenegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the...

7.5CVSS7.1AI score0.0373EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/10/31 5:14 p.m.8 views

CVE-2025-64096

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to 1.4.2, there is a missing bounds check in CryptoKeyupdate...

8.8CVSS8.9AI score0.00464EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/30 5:9 p.m.4 views

EUVD-2025-37044

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prier to 1.4.2, there is a missing bounds check in CryptoKeyupdate...

8.8CVSS6.9AI score0.00464EPSS
Exploits1References1
SUSE Linux
SUSE Linux
added 2025/10/24 10:12 a.m.9 views

Security update for kernel-livepatch-MICRO-6-0_Update_9

This update for kernel-livepatch-MICRO-6-0Update9 fixes the following issues: CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM bypass bsc1247158 CVE-2025-38471: kernel: tls: always refresh the queue when...

9.2CVSS7.3AI score0.00528EPSS
Exploits1References28
CNNVD
CNNVD
added 2025/10/14 12:0 a.m.4 views

Microsoft NTLM 安全漏洞

Microsoft NTLM is a Microsoft USA authentication protocol used on networks including systems running the Windows operating system as well as standalone systems. A security vulnerability exists in Microsoft NTLM that originates from an attacker exploiting the vulnerability to perform a spoofing...

6.5CVSS9.2AI score0.00746EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.1 views

EUVD-2019-18568

Malware in sbrugna...

5.9CVSS5.9AI score0.01522EPSS
Exploits0References3
Rows per page
Query Builder