Lucene search
K

1339 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.15 views

EUVD-2025-25504

Malicious code in bioql PyPI...

5.9CVSS6.3AI score0.00149EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-49206

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.0062EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-3089

Malicious code in bioql PyPI...

4CVSS7.5AI score0.02972EPSS
Exploits0References14
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-28486

Malicious code in bioql PyPI...

9.1CVSS9.1AI score0.01417EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-0971

Malicious code in bioql PyPI...

5.6CVSS7.4AI score0.00348EPSS
Exploits1References11
CVE
CVE
added 2025/09/29 8:34 p.m.41 views

CVE-2025-34234

Summary: CVE-2025-34234 affects Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to 25.1.102 and Application prior to 25.1.1413. Two hardcoded private keys are shipped inside application containers (printerlogic/pi, printerlogic/printer-admin-api, printercloud/pi) and stored in p...

9.2CVSS6.3AI score0.00382EPSS
Exploits1References4Affected Software2
SUSE Linux
SUSE Linux
added 2025/09/15 12:33 p.m.3 views

Security update for krb5

This update for krb5 fixes the following issues: CVE-2025-3576: weakness in the MD5 checksum design allows for spoofing of GSSAPI-protected messages that are using RC4-HMAC-MD5 bsc1241219. Krb5, as a very old protocol, supported quite a number of ciphers that are not longer up to current...

8.2CVSS7AI score0.00308EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2025/09/15 12:0 a.m.4 views

Erlang/OTP (Erlang OTP) TLS 1.0 Missing CBC Padding Check Vulnerability (GHSA-ffrq-5rxw-xj5m) - Linux

Erlang/OTP Erlang OTP is prone to a TLS 1.0 missing CBC padding check vulnerability in the ssl component. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

6.8AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/31 9:26 a.m.4 views

CVE-2025-7071

Padding oracle attack vulnerability in Oberon microsystem AG’s ocrypto library in all versions since 3.1.0 and prior to 3.9.2 allows an attacker to recover plaintexts via timing measurements of AES-CBC PKCS7 decrypt operations...

5.9CVSS6.8AI score0.00083EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/31 9:26 a.m.4 views

CVE-2025-7383

Padding oracle attack vulnerability in Oberon microsystem AG’s Oberon PSA Crypto library in all versions since 1.0.0 and prior to 1.5.1 allows an attacker to recover plaintexts via timing measurements of AES-CBC PKCS7 decrypt operations...

5.9CVSS6.8AI score0.00083EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2018-9860

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when processing malformed TLS-CBC ciphertext could cause the receiving si...

7.5CVSS7.4AI score0.01382EPSS
Exploits0References2
CVE
CVE
added 2025/08/29 9:19 a.m.20 views

CVE-2025-7383

The CVE-2025-7383 entry concerns Oberon PSA Crypto library. A padding oracle timing side-channel affects AES-CBC PKCS#7 decryption, exploitable via timing measurements. Affected versions are 1.0.0 through 1.5.0; versions 1.5.1 and later are not affected. Impact is plaintext recovery with local ti...

5.9CVSS6.3AI score0.00083EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/29 9:19 a.m.3 views

CVE-2025-7383 Timing side-channel vulnerability in AES-CBC decryption with PKCS#7 padding in Oberon PSA Crypto library

Padding oracle attack vulnerability in Oberon microsystem AG’s Oberon PSA Crypto library in all versions since 1.0.0 and prior to 1.5.1 allows an attacker to recover plaintexts via timing measurements of AES-CBC PKCS7 decrypt operations...

5.9CVSS6.3AI score0.00083EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/29 12:0 a.m.5 views

Oberon microsystem AG ocrypto library 安全漏洞

Oberon microsystem AG ocrypto library is a cryptographic software library from the Swiss company Oberon. A security vulnerability exists in Oberon microsystem AG ocrypto library versions prior to 3.1.0 through 3.9.2, which stems from a padded predicate attack on the AES-CBC PKCS7 decryption...

5.9CVSS6.7AI score0.00083EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2025/08/28 12:0 a.m.4 views

perl-Crypt-CBC-3.70.0-1.1 on GA media (moderate)

perl-Crypt-CBC-3.70.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:15495-1 Rating: moderate Cross-References: CVE-2025-2814 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...

4CVSS5.4AI score0.00189EPSS
Exploits0
OSV
OSV
added 2025/08/27 12:0 a.m.5 views

OPENSUSE-SU-2025:15495-1 perl-Crypt-CBC-3.70.0-1.1 on GA media

These are all security issues fixed in the perl-Crypt-CBC-3.70.0-1.1 package on the GA media of openSUSE Tumbleweed...

4CVSS5.8AI score0.00189EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/24 9:29 a.m.8 views

CVE-2025-9341

Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All API modules, Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All API modules allows Excessive Allocation. This vulnerability is associated wi...

6.2CVSS6.8AI score0.00149EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2016-6329

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted...

5.9CVSS7.3AI score0.0594EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/22 9:43 a.m.4 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the AESNativeCBC class due to the use of a private instance class, rather than a private static class. An attacker can cause heap exhaustion by triggering excessive memory allocati...

7.1CVSS6.9AI score0.00149EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/22 9:43 a.m.3 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the AESNativeCBC class due to the use of a private instance class, rather than a private static class. An attacker can cause heap exhaustion by triggering excessive memory allocati...

7.1CVSS6.9AI score0.00149EPSS
Exploits0References2
Rows per page
Query Builder