Lucene search
K

4 matches found

Ubuntu
Ubuntu
added 2026/06/18 4:30 p.m.14 views

USN-8452-1: pbkdf2 vulnerability

Nikita Skovoroda discovered that pbkdf2 did not properly validate certain algorithm names. An attacker could possibly use this issue to generate predictable cryptographic keys, resulting in signature spoofing...

9.1CVSS5.4AI score0.00359EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/03/28 2:55 p.m.20 views

CVE-2025-30211 KEX init error results with excessive memory usage

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message can result with high memory usage. Implementation does not verify RFC specified limits on algorithm names 64 characters provided in K...

7.5CVSS7AI score0.00436EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/28 2:55 p.m.23 views

CVE-2025-30211 KEX init error results with excessive memory usage

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message can result with high memory usage. Implementation does not verify RFC specified limits on algorithm names 64 characters provided in K...

7.5CVSS0.00436EPSS
Exploits0References1
OSV
OSV
added 2024/07/29 3:15 p.m.4 views

DEBIAN-CVE-2024-41056

In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Use strnlen on name fields in V1 wmfw files Use strnlen instead of strlen on the algorithm and coefficient name string arrays in V1 wmfw files. In V1 wmfw files the name is a NUL-terminated string in a fixed-size...

5.5CVSS5.6AI score0.00244EPSS
Exploits0References1
Rows per page
Query Builder