Lucene search

61 matches found

NVD
added 2026/04/23 6:16 p.m. · 1 view

CVE-2026-5039

TP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key derived from default web management credentials, making the key predictable if device is left in default configuration. A network-adjacent attacker can exploit this weakness to gain unauthorized...

CVSS 8.8 · EPSS 0.00021
Exploits: 0 · References: 1
ATTACKERKB
added 2026/04/23 4:10 p.m. · 3 views

CVE-2026-5039

TP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key derived from default web management credentials, making the key predictable if device is left in default configuration. A network-adjacent attacker can exploit this weakness to gain unauthorized...

CVSS 6.1 · AI score 5.7 · EPSS 0.00021
Exploits: 0 · References: 2
Tenable Nessus
added 2026/01/14 12:00 a.m. · 1 view

MiracleLinux 3 : openssl-0.9.8e-22.AXS3.4 (AXSA:2012-567:05)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-567:05 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which...

CVSS 6.8 · AI score 8.2 · EPSS 0.06763
Exploits: 0 · References: 2
EUVD
added 2025/10/07 12:30 a.m. · 1 view

EUVD-2017-16579

Malware in sbrugna...

CVSS 9.8 · AI score 9.4 · EPSS 0.0027
Exploits: 0 · References: 4
EUVD
added 2025/10/07 12:30 a.m. · 1 view

EUVD-2020-10147

Malware in sbrugna...

CVSS 7.5 · AI score 7.6 · EPSS 0.00188
Exploits: 1 · References: 2
EUVD
added 2025/10/03 8:07 p.m. · 3 views

EUVD-2023-3110

Malicious code in bioql PyPI...

CVSS 5.9 · AI score 5.8 · EPSS 0.00381
Exploits: 1 · References: 23
EUVD
added 2025/10/03 8:07 p.m. · 1 view

EUVD-2022-0971

Malicious code in bioql PyPI...

CVSS 5.6 · AI score 7.4 · EPSS 0.00203
Exploits: 1 · References: 11
EUVD
added 2025/10/03 8:07 p.m. · 1 view

EUVD-2012-2326

Malicious code in bioql PyPI...

CVSS 6.8 · AI score 8.6 · EPSS 0.06763
Exploits: 0 · References: 36
NVD
added 2025/05/14 7:15 p.m. · 9 views

CVE-2025-2900

IBM Semeru Runtime 8.0.302.0 through 8.0.442.0, 11.0.12.0 through 11.0.26.0, 17.0.0.0 through 17.0.14.0, and 21.0.0.0 through 12.0.6.0 is vulnerable to a denial of service caused by a buffer overflow and subsequent crash, due to a defect in its native AES/CBC encryption implementation...

CVSS 7.5 · EPSS 0.00151
Exploits: 0 · References: 1
Cvelist
added 2025/05/14 6:50 p.m. · 10 views

CVE-2025-2900 IBM Semeru Runtime denial of service

IBM Semeru Runtime 8.0.302.0 through 8.0.442.0, 11.0.12.0 through 11.0.26.0, 17.0.0.0 through 17.0.14.0, and 21.0.0.0 through 12.0.6.0 is vulnerable to a denial of service caused by a buffer overflow and subsequent crash, due to a defect in its native AES/CBC encryption implementation...

CVSS 7.5 · EPSS 0.00151
Exploits: 0 · References: 1
Positive Technologies
added 2025/05/14 12:00 a.m. · 1 view

PT-2025-21227 · Ibm · Ibm Semeru Runtime

Name of the Vulnerable Software and Affected Versions: IBM Semeru Runtime versions 8.0.302.0 through 8.0.442.0 IBM Semeru Runtime versions 11.0.12.0 through 11.0.26.0 IBM Semeru Runtime versions 17.0.0.0 through 17.0.14.0 IBM Semeru Runtime versions 21.0.0.0 through 12.0.6.0 Description: The issu...

CVSS 7.5 · AI score 7.4 · EPSS 0.00151
Exploits: 0 · References: 9
Tenable Nessus
added 2024/06/03 12:00 a.m. · 19 views

RHEL 6 : openssl098e (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openssl: double-free in policy checks (CVE-2011-4109) - The DTLS implementation in OpenSSL before 0.9.8s an...

CVSS 9.3 · AI score 8 · EPSS 0.12357
Exploits: 0 · References: 4
SUSE CVE
added 2023/02/15 5:47 a.m. · 1 view

SUSE CVE-2012-2333

Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted TLS packet that is no...

CVSS 6.8 · AI score 7.4 · EPSS 0.06763
Exploits: 0 · References: 10
VulnCheck KEV
added 2023/02/14 12:00 a.m. · 1 view

VulnCheck KEV: CVE-2016-0736

In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated encryption. This made it vulnerable to padding...

CVSS 7.5 · AI score 7.1 · EPSS 0.4168
Exploits: 4 · References: 1
Positive Technologies
added 2023/01/19 12:00 a.m. · 1 view

PT-2023-35640 · Wolfssl · Wolfssl

Name of the Vulnerable Software and Affected Versions: wolfSSL affected versions not specified Description: The issue is related to a heap buffer overflow error. Technical details about the error include a crash type of Heap-buffer-overflow WRITE 16. The crash state involves the wc_AesCbcEncrypt...

AI score 7.4
Exploits: 0 · References: 2
Kitploit
added 2022/09/24 11:30 a.m. · 25 views

Pax - CLI Tool For PKCS7 Padding Oracle Attacks

Exploit padding oracles for fun and profit! Pax (PAdding oracle eXploiter) is a tool for exploiting padding oracles in order to: 1. Obtain plaintext for a given piece of CBC encrypted data. 2. Obtain encrypted bytes for a given piece of plaintext, using the unknown encryption algorithm used by the...

AI score 7.3
Exploits: 0 · References: 2
NVD
added 2022/03/08 12:15 p.m. · 12 views

CVE-2021-42017

A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i801, RUGGEDCOM i802, RUGGEDCOM i803, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM RMC30, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RP110, RUGGEDCOM...

CVSS 5.9 · EPSS 0.00055
Exploits: 0 · References: 2
Prion
added 2022/03/08 12:15 p.m. · 12 views

Design/Logic Flaw

A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i801, RUGGEDCOM i802, RUGGEDCOM i803, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM RMC30, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RP110, RUGGEDCOM...

CVSS 4.3 · AI score 6.4 · EPSS 0.00055
Exploits: 0 · References: 1 · Affected Software: 1
OpenVAS
added 2021/08/13 12:00 a.m. · 24 views

OpenSSL: Timing-based attacks on SSL/TLS with CBC encryption (CVE-2003-0078) - Windows

OpenSSL is prone to timing-based attacks on SSL/TLS with CBC encryption. Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is fre...

CVSS 5 · AI score 6.5 · EPSS 0.13072
Exploits: 0 · References: 1
OpenVAS
added 2021/08/13 12:00 a.m. · 20 views

OpenSSL: Timing-based attacks on SSL/TLS with CBC encryption (CVE-2003-0078) - Linux

OpenSSL is prone to timing-based attacks on SSL/TLS with CBC encryption. Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is fre...

CVSS 5 · AI score 6.5 · EPSS 0.13072
Exploits: 0 · References: 1