8 matches found

GithubExploit (added 2026/05/21 7:36 a.m., 82 views)

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

copy-fail CVE-2026-31431 Copy Fail – a C language PoC,...

CVSS 7.8 | AI score 7.4 | EPSS 0.96267
Exploits228

Snyk (added 2026/03/20 4:38 a.m., 4 views)

Timing Attack

Overview: phpseclib/phpseclib is a PHP Secure Communications Library - Pure-PHP implementations of RSA, AES, SSH2, SFTP, X.509 etc. Affected versions of this package are vulnerable to Timing Attack via the AES algorithm in CBC mode. An attacker can recover sensitive information by exploiting timin...

CVSS 8.2 | AI score 5.8 | EPSS 0.00374
Exploits 0 | References 2

OSV (added 2026/03/20 3:16 a.m., 2 views)

UBUNTU-CVE-2026-32935

phpseclib is a PHP secure communications library. Projects using versions 0.1.1 through 1.0.26, 2.0.0 through 2.0.51, and 3.0.0 through 3.0.49 are vulnerable to a padding oracle timing attack when using AES in CBC mode. This issue has been fixed in versions 1.0.27, 2.0.52 and 3.0.50...

CVSS 8.2 | AI score 5.7 | EPSS 0.00374
Exploits 0 | References 4

Github Security Blog (added 2026/03/19 4:42 p.m., 9 views)

phpseclib's AES-CBC unpadding susceptible to padding oracle timing attack

Impact: Those using AES in CBC mode may be susceptible to a padding oracle timing attack.
Patches: https://github.com/phpseclib/phpseclib/commit/ccc21aef71eb170e9bf819b167e67d1fd9e6e788
Workarounds: Use AES in CTR, CFB or OFB modes
References...

CVSS 8.2 | AI score 5.7 | EPSS 0.00374
Exploits 0 | References 4 | Affected Software 1

Positive Technologies (added 2026/03/19 12:0 a.m., 7 views)

PT-2026-26464

Name of the Vulnerable Software and Affected Versions:
phpseclib versions 1.0.26 and below
phpseclib versions 2.0.0 through 2.0.51
phpseclib versions 3.0.0 through 3.0.49
Description: phpseclib is a PHP secure communications library. Projects utilizing the affected versions are susceptible to a...

CVSS 8.2 | AI score 5.7 | EPSS 0.00374
Exploits 0 | References 16

Vulnrichment (added 2026/01/13 7:17 p.m., 3 views)

CVE-2025-68931 Jervis has AES CBC Mode Without Authentication

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, AES/CBC/PKCS5Padding lacks authentication, making it vulnerable to padding oracle attacks and ciphertext manipulation. This vulnerability is fixed in 2.2...

CVSS 8.7 | AI score 6.4 | EPSS 0.00172
Exploits 0 | References 2

EUVD (added 2025/10/07 12:30 a.m., 5 views)

EUVD-2017-2768

Malware in sbrugna...

CVSS 7.5 | AI score 7.6 | EPSS 0.00675
Exploits 0 | References 2

n0where (added 2017/07/03 6:35 p.m., 100 views)

Archive Cryptography: unarcrypto

Archive Cryptography: unarcrypto.py is an educational tool to depict the use of cryptography for password verification, headers and content encryption by popular archivers: zip, 7zip, rar v3 and v5. Supported archives format, encryption and compression algorithms: zip password protected or not,...

AI score 1
Exploits 0 | References 2