18 matches found
EUVD-2016-5407
Malware in sbrugna...
EUVD-2025-32012
Malicious code in bioql PyPI...
liboqs cryptographic issue vulnerability
liboqs is an Open Quantum Safe open source C library for quantum-safe cryptographic algorithms. A cryptographic issue vulnerability exists in versions of liboqs prior to 0.13.0, which stems from a design flaw in the HQC algorithm that could result in a large number of malformed ciphertexts sharin...
EulerOS 2.0 SP12 : gnutls (EulerOS-SA-2025-1419)
According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain...
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2023-2888)
The remote host is missing an update for the Huawei EulerOS...
Linux kernel denial of service vulnerability (CNVD-2023-56639)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A denial of service vulnerability exists in the Linux kernel, which originates from a flaw found in the skcipher_recvmsg symmetric-key cryptographic algorithm interface...
VulnCheck KEV: CVE-2023-29218
The Twitter Recommendation Algorithm through ec83d01 allows attackers to cause a denial of service (reduction of reputation score) by arranging for multiple Twitter accounts to coordinate negative signals regarding a target account, such as unfollowing, muting, blocking, and reporting, as...
Debian DSA-5354-1 : snort - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5354 advisory. Multiple security vulnerabilities were discovered in snort, a flexible Network Intrusion Detection System, which could allow an unauthenticated, remote attacker t...
Debian dla-3317 : snort - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3317 advisory. Debian LTS Advisory DLA-3317-1...
Cisco Confirms It's Been Hacked by Yanluowang Ransomware Gang
Networking equipment major Cisco on Wednesday confirmed it was the victim of a cyberattack on May 24, 2022 after the attackers got hold of an employee's personal Google account that contained passwords synced from their web browser. "Initial access to the Cisco VPN was achieved via the successful...
IBM DataPower Gateway cryptographic issue vulnerability
IBM DataPower Gateway is a security and integration platform built specifically for mobile, cloud, API, web, SOA, B2B and cloud workloads. A weak cryptographic algorithm vulnerability exists in IBM DataPower Gateway 10.0.0.0 - 10.0.1.0. An attacker could exploit the vulnerability to decrypt highl...
Multiple Cisco Products Security Vulnerabilities
The Cisco RV110W, among others, is a router from Cisco USA. A security vulnerability exists in a number of Cisco products and stems from a flaw in the detection algorithm. The vulnerability can be exploited by an attacker to bypass configured policies. The following products and versions are...
CVE-2019-11219
The algorithm used to generate device IDs (UIDs) for devices that utilize Shenzhen Yunni Technology iLnkP2P suffers from a predictability flaw that allows remote attackers to establish direct connections to arbitrary devices...
Design/Logic Flaw
An issue was discovered in sysPass 2.x before 2.1, in which an algorithm was never sufficiently reviewed by cryptographers. The fact that inc/SP/Core/Crypt.class is using the MCRYPT_RIJNDAEL_256() function (the 256-bit block version of Rijndael, not AES) instead of MCRYPT_RIJNDAEL_128 (real AES) could help...
CVE-2017-5999
The vulnerability CVE-2017-5999 affects sysPass 2.x before 2.1. The root cause is a cryptographic implementation using MCRYPT_RIJNDAEL_256() (256-bit block version) instead of MCRYPT_RIJNDAEL_128 (AES). This could allow an attacker to cause unknown havoc on the remote system. The connected source...
CVE-2015-8970
crypto/algif_skcipher.c in the Linux kernel before 4.4.2 does not verify that a setkey operation has been performed on an AF_ALG socket before an accept system call is processed, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted applicatio...
Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1299-1)
Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. (CVE-2011-1162) A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to...
Design/Logic Flaw
The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that reduces the size of the set of inputs to SHA-1, which produces a small search space that makes it easier for local and possibly remote attackers to...