CVE-2025-11230

Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON requests...

CVE-2025-11230 Denial of service vulnerability in HAProxy mjson library

Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON requests...

CVE-2025-11230

CVE-2025-11230 affects HAProxy due to inefficient algorithm complexity in the mjson library, enabling remote denial-of-service via specially crafted JSON requests. Connected documents specify vulnerable haproxy versions: < 2.4.24-2 and

HAProxy 安全漏洞

HAProxy is an open source TCP/HTTP load balancing server from the French company HAProxy. The server provides 4-layer and 7-layer proxies, and can support tens of thousands of level connections, with high efficiency and stability. A security vulnerability exists in HAProxy that stems from...

CVE-2025-9317 AVEVA Edge Use of a Broken or Risky Cryptographic Algorithm

The vulnerability, if exploited, could allow a miscreant with read access to Edge Project files or Edge Offline Cache files to reverse engineer Edge users' app-native or Active Directory passwords through computational brute-forcing of weak hashes...

EUVD-2025-197637

A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. There is a Broken or Risky Cryptographic Algorithm...

HSEC-2023-0002 Improper Verification of Cryptographic Signature

Improper Verification of Cryptographic Signature The Biscuit specification version 1 contains a vulnerable algorithm that allows malicious actors to forge valid Γ-signatures. Such an attack would allow an attacker to create a token with any access level. The version 2 of the specification mandate...

CVE-2025-54340

A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. There is a Broken or Risky Cryptographic Algorithm...

DELL PowerScale OneFS Encryption Issue Vulnerability

DELL PowerScale OneFS is Dell's horizontally scalable clustered file system designed to manage unstructured data and support enterprise-class storage capabilities. DELL PowerScale OneFS suffers from an encryption issue vulnerability that stems from the use of an insecure encryption algorithm, whi...

CVE-2025-54340

A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. There is a Broken or Risky Cryptographic Algorithm...

CVE-2025-54340

CVE-2025-54340 affects Desktop Alert PingAlert software, specifically the Application Server components in versions 6.1.0.11 through 6.1.1.2. The vulnerability is described as a Broken or Risky Cryptographic Algorithm, with an impact on confidentiality and a CVSSv3.1 base score of 4.1 (Medium). T...

MGASA-2025-0285 Updated perl-Authen-SASL packages fix security vulnerability

Authen::SASL::Perl::DIGESTMD5 versions 2.04 through 2.1800 for Perl generates the cnonce insecurely. CVE-2025-40918...

PT-2025-46670

Name of the Vulnerable Software and Affected Versions FiberHome GPON ONU HG6145F1 RP4423 Description A flaw exists in FiberHome GPON ONU HG6145F1 RP4423 that allows prediction of the device’s factory default Wi-Fi password WPA/WPA2 pre-shared key from the SSID. The device uses a predictable...

kernel: zram: fix NULL pointer in comp_algorithm_show()

In the Linux kernel, the following vulnerability has been resolved: zram: fix NULL pointer in compalgorithmshow LTP reported a NULL pointer dereference as followed: CPU: 7 UID: 0 PID: 5995 Comm: cat Kdump: loaded Not tainted 6.12.0-rc6+ 3 Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0...

EUVD-2025-60978

In TEE EcDSA algorithm, there is a possible memory consistency issue. This could lead to generated incorrect signature results with low probability...

CVE-2025-31719

CVE-2025-31719 concerns a memory consistency issue in the TEE EcDSA algorithm that could lead to incorrect signature results with low probability. Multiple sources (Red Hat, EUVD/ENISA, NVD, CVE lists) reiterate the same description; no concrete impact specifics (affected product versions, exploi...

Toward Autonomous and Efficient Cybersecurity: A Multi-Objective AutoML-Based Intrusion Detection System

With increasingly sophisticated cybersecurity threats and rising demand for network automation, autonomous cybersecurity mechanisms are becoming critical for securing modern networks. The rapid expansion of Internet of Things IoT systems amplifies these challenges, as resource-constrained IoT...

EUVD-2025-50806

Dell PowerScale OneFS, versions prior to 9.10.1.3 and versions 9.11.0.0 through 9.12.0.0, contains a use of a broken or risky cryptographic algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure...

CVE-2025-43723

Dell PowerScale OneFS, versions prior to 9.10.1.3 and versions 9.11.0.0 through 9.12.0.0, contains a use of a broken or risky cryptographic algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure...

Important: amazon-ecr-credential-helper

Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...