Lucene search
K

61 matches found

RedHat Linux
RedHat Linux
added 2026/06/25 6:37 p.m.5 views

gnutls: gnutls: Information disclosure via heap overread in RSA key exchange

A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure...

8.2CVSS5.8AI score0.00727EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.13 views

PT-2026-51111

Name of the Vulnerable Software and Affected Versions OpenBao versions 2.5.2 through 2.5.4 Description An authenticated user with write access to the transit/keys/ endpoint can cause a denial-of-service by crashing the server. This occurs when a key-creation request is sent combining an asymmetri...

6.5CVSS5.9AI score
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/17 6:53 a.m.5 views

kernel: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id

In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetrickeys - prevent overflow in asymmetrickeygenerateid Use checkaddoverflow to guard against potential integer overflows when adding the binary blob lengths and the size of an asymmetrickeyid structure and return...

5.7AI score0.00154EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/16 4:53 p.m.12 views

gnutls: gnutls: Information disclosure via heap overread in RSA key exchange

A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure...

8.2CVSS5.5AI score0.00727EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/11 11:46 a.m.6 views

kernel: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id

In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetrickeys - prevent overflow in asymmetrickeygenerateid Use checkaddoverflow to guard against potential integer overflows when adding the binary blob lengths and the size of an asymmetrickeyid structure and return...

5.6AI score0.00154EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/29 6:28 p.m.12 views

CVE-2026-4387

StrongDM Desktop Application before 23.74.0 Desktop Client before 53.77.0 on Microsoft Windows stores authentication state, including a JSON Web Token and asymmetric key material, in cleartext in a per-user state file located at C:\Users\.sdm\state.kv. The file is protected only by default...

2CVSS5.9AI score0.00132EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.15 views

GnuTLS 安全漏洞

GnuTLS is an open-source, free security communication library developed by GnuTLS that enables the implementation of SSL, TLS, and DTLS protocols. GnuTLS libgnutls has a security vulnerability that stems from the transmission of extremely short pre-master keys during RSA key exchanges. This...

8.2CVSS5.9AI score0.00727EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/22 2:31 a.m.7 views

CVE-2026-39829

The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This could be triggered by unauthenticated clients during public...

5.8AI score0.004EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: KEYS: prevented NULL pointer dereference in findasymmetrickey. In findasymmetrickey, if all NULL values are passed as arguments to id0,1,2, the kernel will first emit a WARN message, but then there will be an oops because id2 wil...

5.5CVSS5.9AI score0.0022EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetrickeys – prevented overflow in asymmetrickeygenerateid. Use checkaddoverflow to prevent potential integer overflows when adding the lengths of binary blobs and the size of an asymmetrickeyid structure. Return...

6AI score0.00154EPSS
Exploits0References2
AlmaLinux
AlmaLinux
added 2026/05/05 12:0 a.m.16 views

Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: nvme: avoid double free special payload CVE-2024-41073 kernel: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont a...

9.8CVSS6.1AI score0.96267EPSS
Exploits228References13
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.10 views

AlmaLinux 8 : kernel (ALSA-2026:13577)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:13577 advisory. kernel: nvme: avoid double free special payload CVE-2024-41073 kernel: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont and qedetpaend...

9.8CVSS6.8AI score0.96267EPSS
Exploits228References8
Snyk
Snyk
added 2026/03/06 7:14 a.m.6 views

Malicious Package

Overview asymmetric-key-generator is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.4AI score
Exploits0References2
Cvelist
Cvelist
added 2026/02/18 4:45 p.m.21 views

CVE-2026-20142 Sensitive Information Disclosure in "_internal" index in Splunk Enterprise

In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.9, and 9.2.11, a user of a Splunk Search Head Cluster SHC deployment who holds a role with access to the Splunk internal index could view the RSA accessKey value from the Authentication.conf file, in plain text...

6.8CVSS0.0031EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-47743)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47743 advisory. - In the Linux kernel, the following vulnerability has been resolved: KEYS: prevent NULL pointer dereference i...

5.5CVSS6.3AI score0.0022EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2024-54386

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.00099EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-7650

Malicious code in bioql PyPI...

6.3CVSS6.3AI score0.00753EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/06/04 5:14 p.m.14 views

CVE-2025-48994

SignXML is an implementation of the W3C XML Signature standard in Python. When verifying signatures with X509 certificate validation turned off and HMAC shared secret set signxml.XMLVerifier.verifyrequirex509=False, hmackey=..., versions of SignXML prior to 4.0.4 are vulnerable to a potential...

6.9CVSS7.1AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/09 10:57 a.m.16 views

CVE-2024-43065

Cryptographic issues while generating an asymmetric key pair for RKP use cases...

7.1CVSS7.1AI score0.00099EPSS
Exploits0
NVD
NVD
added 2025/04/07 11:15 a.m.9 views

CVE-2024-43065

Cryptographic issues while generating an asymmetric key pair for RKP use cases...

7.1CVSS0.00099EPSS
Exploits0References1
Rows per page
Query Builder