63 matches found
Apache CXF < 4.0.4 - Aegis DataBinding SSRF / Local File Read
Apache CXF before 4.0.4, 3.6.3 and 3.5.8 has a Server-Side Request Forgery SSRF vulnerability when using the Aegis DataBinding. The XOP Include mechanism in multipart SOAP requests can be abused to read local files or make server-side HTTP requests to arbitrary URLs. An attacker can use this to...
aegis-alpha
No d...
EUVD-2008-4917
Malware in sbrugna...
EUVD-2007-1063
Malware in sbrugna...
EUVD-2024-0991
Malicious code in bioql PyPI...
EUVD-2025-28924
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-39789
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: x86/aegis - Add missing error checks The skcipherwalk functions can allocate memory and can fail, so checking for errors is necessary. CVE-2025-39789 No...
crypto: x86/aegis - Add missing error checks
...
SUSE CVE-2025-39789
In the Linux kernel, the following vulnerability has been resolved: crypto: x86/aegis - Add missing error checks The skcipherwalk functions can allocate memory and can fail, so checking for errors is necessary...
CVE-2025-39789
In the Linux kernel, the following vulnerability has been resolved: crypto: x86/aegis - Add missing error checks The skcipherwalk functions can allocate memory and can fail, so checking for errors is necessary...
AZL-70837 CVE-2025-39789 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: crypto: x86/aegis - Add missing error checks The skcipherwalk functions can allocate memory and can fail, so checking for errors is necessary...
DEBIAN-CVE-2025-39789
In the Linux kernel, the following vulnerability has been resolved: crypto: x86/aegis - Add missing error checks The skcipherwalk functions can allocate memory and can fail, so checking for errors is necessary...
CVE-2025-39789
In the Linux kernel, the following vulnerability has been resolved: crypto: x86/aegis - Add missing error checks The skcipherwalk functions can allocate memory and can fail, so checking for errors is necessary...
AZL-67202 CVE-2025-39789 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: crypto: x86/aegis - Add missing error checks The skcipherwalk functions can allocate memory and can fail, so checking for errors is necessary...
UBUNTU-CVE-2025-39789
In the Linux kernel, the following vulnerability has been resolved: crypto: x86/aegis - Add missing error checks The skcipherwalk functions can allocate memory and can fail, so checking for errors is necessary...
CVE-2025-39789
CVE-2025-39789 concerns the Linux kernel crypto code (x86/aegis). The vulnerability stems from missing error checks in skcipher_walk during memory allocations. Affected component: kernel crypto subsystem; impact reported as high availability risk with local attacker context. The issue has been re...
CVE-2025-39789 crypto: x86/aegis - Add missing error checks
In the Linux kernel, the following vulnerability has been resolved: crypto: x86/aegis - Add missing error checks The skcipherwalk functions can allocate memory and can fail, so checking for errors is necessary...
CVE-2025-39789 crypto: x86/aegis - Add missing error checks
In the Linux kernel, the following vulnerability has been resolved: crypto: x86/aegis - Add missing error checks The skcipherwalk functions can allocate memory and can fail, so checking for errors is necessary...
PT-2025-37246
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The skcipher walk functions lacked necessary error checks after memory allocation, potentially leading to issues if allocation failed. This could impact the crypto subsystem on x86/aeg...
MAL-2025-3574 Malicious code in aegis-contracts (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 012d98d433c475ff3012368e49e74b54c587fd81749e936cc898ba80a4d8d868 The OpenSSF Package Analysis project identified 'aegis-contracts' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...