8 matches found
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
copy-fail CVE-2026-31431 Copy Fail – a C language PoC,...
Timing Attack
Overview phpseclib/phpseclib is a PHP Secure Communications Library - Pure-PHP implementations of RSA, AES, SSH2, SFTP, X.509 etc. Affected versions of this package are vulnerable to Timing Attack via the AES algorithm in CBC mode. An attacker can recover sensitive information by exploiting timin...
UBUNTU-CVE-2026-32935
phpseclib is a PHP secure communications library. Projects using versions 0.1.1 through 1.0.26, 2.0.0 through 2.0.51, and 3.0.0 through 3.0.49 are vulnerable to a to padding oracle timing attack when using AES in CBC mode. This issue has been fixed in versions 1.0.27, 2.0.52 and 3.0.50...
phpseclib's AES-CBC unpadding susceptible to padding oracle timing attack
Impact Those using AES in CBC mode may be susceptible to a padding oracle timing attack. Patches https://github.com/phpseclib/phpseclib/commit/ccc21aef71eb170e9bf819b167e67d1fd9e6e788 Workarounds Use AES in CTR, CFB or OFB modes References...
PT-2026-26464
Name of the Vulnerable Software and Affected Versions phpseclib versions 1.0.26 and below phpseclib versions 2.0.0 through 2.0.51 phpseclib versions 3.0.0 through 3.0.49 Description phpseclib is a PHP secure communications library. Projects utilizing the affected versions are susceptible to a...
CVE-2025-68931 Jervis has AES CBC Mode Without Authentication
Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, AES/CBC/PKCS5Padding lacks authentication, making it vulnerable to padding oracle attacks and ciphertext manipulation. This vulnerability is fixed in 2.2...
EUVD-2017-2768
Malware in sbrugna...
Archive Cryptography: unarcrypto
Archive Cryptography unarcrypto.py is an educational tool to depict the use of cryptography for password verification, headers and content encryption by popular archivers: zip, 7zip, rar v3 and v5. Supported archives format, encryption and compression algorithms: zip password protected or not,...