DEBIAN-CVE-2026-32877

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

The vulnerability of registrars (self-checking devices) GX10, GX20, GP10, GP20, DX1000, DX2000, DX1000N, FX1000, DX1000T, DX2000T, CX1000, CX2000, R10000, and R20000, data collection systems, and data collection devices MW100 manufactured by Yokogawa lies in the possibility of initializing the authentication function with a default unsafe value, allowing unauthorized access to the device by intruders.

The vulnerability of the GX10, GX20, GP10, GP20, DX1000, DX2000, DX1000N, FX1000, DX1000T, DX2000T, CX1000, CX2000, R10000, and R20000 registrators, as well as the GM data collection systems and MW100 data collection devices manufactured by Yokogawa, is related to the possibility of initializing...

CVE-2023-49261 Sensitive authentication-related value accessible publicly

The "tokenKey" value used in user authorization is visible in the HTML source of the login page...

CVE-2020-26556

Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to complete authentication by leveraging Malleable Commitment...

Bluetooth Mesh 安全漏洞

Bluetooth Mesh is an application. A Bluetooth profile. A security vulnerability exists in Bluetooth Mesh that allows a nearby device to complete authentication without having an AuthValue and potentially obtain a NetKey and AppKey...

Bluetooth Mesh 安全漏洞

Bluetooth Mesh is an application. A configuration file for Bluetooth. A security vulnerability exists in Bluetooth Mesh that allows devices without AuthValue to complete configuration without forcing AuthValue...