1339 matches found
EUVD-2025-25504
Malicious code in bioql PyPI...
EUVD-2022-49206
Malicious code in bioql PyPI...
EUVD-2022-3089
Malicious code in bioql PyPI...
EUVD-2022-28486
Malicious code in bioql PyPI...
EUVD-2022-0971
Malicious code in bioql PyPI...
CVE-2025-34234
Summary: CVE-2025-34234 affects Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to 25.1.102 and Application prior to 25.1.1413. Two hardcoded private keys are shipped inside application containers (printerlogic/pi, printerlogic/printer-admin-api, printercloud/pi) and stored in p...
Security update for krb5
This update for krb5 fixes the following issues: CVE-2025-3576: weakness in the MD5 checksum design allows for spoofing of GSSAPI-protected messages that are using RC4-HMAC-MD5 bsc1241219. Krb5, as a very old protocol, supported quite a number of ciphers that are not longer up to current...
Erlang/OTP (Erlang OTP) TLS 1.0 Missing CBC Padding Check Vulnerability (GHSA-ffrq-5rxw-xj5m) - Linux
Erlang/OTP Erlang OTP is prone to a TLS 1.0 missing CBC padding check vulnerability in the ssl component. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
CVE-2025-7071
Padding oracle attack vulnerability in Oberon microsystem AG’s ocrypto library in all versions since 3.1.0 and prior to 3.9.2 allows an attacker to recover plaintexts via timing measurements of AES-CBC PKCS7 decrypt operations...
CVE-2025-7383
Padding oracle attack vulnerability in Oberon microsystem AG’s Oberon PSA Crypto library in all versions since 1.0.0 and prior to 1.5.1 allows an attacker to recover plaintexts via timing measurements of AES-CBC PKCS7 decrypt operations...
Linux Distros Unpatched Vulnerability : CVE-2018-9860
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when processing malformed TLS-CBC ciphertext could cause the receiving si...
CVE-2025-7383
The CVE-2025-7383 entry concerns Oberon PSA Crypto library. A padding oracle timing side-channel affects AES-CBC PKCS#7 decryption, exploitable via timing measurements. Affected versions are 1.0.0 through 1.5.0; versions 1.5.1 and later are not affected. Impact is plaintext recovery with local ti...
CVE-2025-7383 Timing side-channel vulnerability in AES-CBC decryption with PKCS#7 padding in Oberon PSA Crypto library
Padding oracle attack vulnerability in Oberon microsystem AG’s Oberon PSA Crypto library in all versions since 1.0.0 and prior to 1.5.1 allows an attacker to recover plaintexts via timing measurements of AES-CBC PKCS7 decrypt operations...
Oberon microsystem AG ocrypto library 安全漏洞
Oberon microsystem AG ocrypto library is a cryptographic software library from the Swiss company Oberon. A security vulnerability exists in Oberon microsystem AG ocrypto library versions prior to 3.1.0 through 3.9.2, which stems from a padded predicate attack on the AES-CBC PKCS7 decryption...
perl-Crypt-CBC-3.70.0-1.1 on GA media (moderate)
perl-Crypt-CBC-3.70.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:15495-1 Rating: moderate Cross-References: CVE-2025-2814 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...
OPENSUSE-SU-2025:15495-1 perl-Crypt-CBC-3.70.0-1.1 on GA media
These are all security issues fixed in the perl-Crypt-CBC-3.70.0-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2025-9341
Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All API modules, Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All API modules allows Excessive Allocation. This vulnerability is associated wi...
Linux Distros Unpatched Vulnerability : CVE-2016-6329
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the AESNativeCBC class due to the use of a private instance class, rather than a private static class. An attacker can cause heap exhaustion by triggering excessive memory allocati...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the AESNativeCBC class due to the use of a private instance class, rather than a private static class. An attacker can cause heap exhaustion by triggering excessive memory allocati...