263 matches found
UBUNTU-CVE-2025-30258
In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a "verification DoS."...
CVE-2025-27498 AEADs/ascon-aead: Plaintext exposed in decrypt_in_place_detached even on tag verification failure
aes-gcm is a pure Rust implementation of the AES-GCM. In decryptinplacedetached, the decrypted ciphertext which is the correct ciphertext is exposed even if the tag is incorrect. This is because in decryptinplace in asconcore.rs, tag verification causes an error to be returned with the plaintext...
CVE-2025-27498 AEADs/ascon-aead: Plaintext exposed in decrypt_in_place_detached even on tag verification failure
aes-gcm is a pure Rust implementation of the AES-GCM. In decryptinplacedetached, the decrypted ciphertext which is the correct ciphertext is exposed even if the tag is incorrect. This is because in decryptinplace in asconcore.rs, tag verification causes an error to be returned with the plaintext...
Azure Linux 3.0 Security Update: cloud-hypervisor-cvm / openssl (CVE-2024-12797)
The version of cloud-hypervisor-cvm / openssl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-12797 advisory. - Issue summary: Clients using RFC7250 Raw Public Keys RPKs to authenticate a server M...
CVE-2024-13798
CVE-2024-13798: Post Grid and Gutenberg Blocks – ComboBlocks for WordPress allows unauthenticated users to create orders and mark them paid due to insufficient form verification. Affected versions: all up to 2.3.5. Patch available: update to 2.3.5 (or newer) to remediate.
PT-2025-7482 · Medixant · Medixant Radiant Dicom Viewer
Name of the Vulnerable Software and Affected Versions: Medixant RadiAnt DICOM Viewer affected versions not specified Description: The issue is due to the failure of the update mechanism to verify the update server's certificate, which could allow an attacker to alter network traffic and carry out...
CVE-2025-25204
gh is GitHub’s official command line tool. Starting in version 2.49.0 and prior to version 2.67.0, under certain conditions, a bug in GitHub's Artifact Attestation cli tool gh attestation verify causes it to return a zero exit status when no attestations are present. This behavior is incorrect:...
`gh attestation verify` returns incorrect exit code during verification if no attestations are present
Summary A bug in GitHub's Artifact Attestation CLI tool, gh attestation verify, may return an incorrect zero exit status when no matching attestations are found for the specified --predicate-type or the default https://slsa.dev/provenance/v1 if not specified. This issue only arises if an artifact...
GHSA-FGW4-V983-MGP8 `gh attestation verify` returns incorrect exit code during verification if no attestations are present
Summary A bug in GitHub's Artifact Attestation CLI tool, gh attestation verify, may return an incorrect zero exit status when no matching attestations are found for the specified --predicate-type or the default https://slsa.dev/provenance/v1 if not specified. This issue only arises if an artifact...
CVE-2025-25204 `gh attestation verify` returns incorrect exit code during verification if no attestations are present
gh is GitHub’s official command line tool. Starting in version 2.49.0 and prior to version 2.67.0, under certain conditions, a bug in GitHub's Artifact Attestation cli tool gh attestation verify causes it to return a zero exit status when no attestations are present. This behavior is incorrect:...
CVE-2025-25204
gh is GitHub’s official command line tool. Starting in version 2.49.0 and prior to version 2.67.0, under certain conditions, a bug in GitHub's Artifact Attestation cli tool gh attestation verify causes it to return a zero exit status when no attestations are present. This behavior is incorrect:...
CVE-2024-13821
The WP Booking Calendar plugin for WordPress is vulnerable to Unauthenticated Post-Confirmation Booking Manipulation in all versions up to, and including, 10.10. This is due to the plugin not properly requiring re-verification after a booking has been made and a change is being attempted. This...
CVE-2025-1002
MicroDicom DICOM Viewer version 2024.03 fails to adequately verify the update server's certificate, which could make it possible for attackers in a privileged network position to alter network traffic and carry out a machine-in-the-middle MITM attack. This allows the attackers to modify the...
Authentication Bypass
github.com/edgelesssys/marblerun is vulnerable to Authentication Bypass. The vulnerability is due to the lack of verification that the recovery key was provided by an authorized party, combined with the failure to compare the Coordinator's root certificate against a trusted reference when...
ismp-grandpa crate accepted incorrect signatures
A critical vulnerability was discovered in the ismp-grandpa crate, that allowed a malicious prover easily convince the verifier of the finality of arbitrary headers. Description The vulnerability manifests as a verifer that only accepts incorrect signatures of Grandpa precommits and was introduce...
The vulnerability of GUE tunneling protocols, related to insufficient verification of the communication channel source, allows attackers to execute attacks such as “substitution of the trusted object”.
The vulnerability of GUE tunneling protocols lies in insufficient verification of the source of the communication channel. Exploiting this vulnerability allows a malicious actor to execute attacks such as “substitution of the trusted object” by sending a specially crafted packet containing two IP...
CVE-2024-57538
Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field anonymousprotectstatus is copied to the stack without length verification...
CVE-2024-12087
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the --inc-recursive option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the --inc-recursive option, a lack of proper...
PT-2024-10878 · Huawei · Huawei Wearables
Name of the Vulnerable Software and Affected Versions: Huawei wearables affected versions not specified Description: The issue is related to the failure of verifying the actual data size when reading data. Successful exploitation may cause a server out of memory OOM. Recommendations: At the momen...
CVE-2020-9211
There is an out-of-bound read and write vulnerability in Huawei smartphone. A module dose not verify the input sufficiently. Attackers can exploit this vulnerability by modifying some configuration to cause out-of-bound read and write, causing denial of service. Vulnerability ID: HWPSIRT-2020-051...