187 matches found
EUVD-2017-8846
Malware in sbrugna...
EUVD-2013-7227
Malware in sbrugna...
EUVD-2019-18307
Malware in sbrugna...
EUVD-2008-5139
Malware in sbrugna...
EUVD-2025-26194
Malicious code in bioql PyPI...
EUVD-2025-28779
Malicious code in bioql PyPI...
EUVD-2023-52140
Malicious code in bioql PyPI...
Erlang/OTP (Erlang OTP) TLS 1.0 Missing CBC Padding Check Vulnerability (GHSA-ffrq-5rxw-xj5m) - Windows
Erlang/OTP Erlang OTP is prone to a TLS 1.0 missing CBC padding check vulnerability in the ssl component. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Allocation Of Resources Without Limits
Bouncy Castle is vulnerable to Allocation of Resources Without Limits. The vulnerability is due to excessive allocation due to improper handling in the AESNativeCBC.java implementation...
CVE-2025-7071
Padding oracle attack vulnerability in Oberon microsystem AG’s ocrypto library in all versions since 3.1.0 and prior to 3.9.2 allows an attacker to recover plaintexts via timing measurements of AES-CBC PKCS7 decrypt operations...
CVE-2025-7071
The CVE concerns Oberon microsystems AG ocrypto library. A padding oracle timing side-channel in AES-CBC decryption with PKCS#7 padding exists for ocrypto versions 3.1.0 through 3.9.1 (i.e., all versions since 3.1.0 up to but not including 3.9.2). Attackers could recover plaintexts by measuring d...
CVE-2025-7071 Timing side-channel vulnerability in AES-CBC decryption with PKCS#7 padding in ocrypto library
Padding oracle attack vulnerability in Oberon microsystem AG’s ocrypto library in all versions since 3.1.0 and prior to 3.9.2 allows an attacker to recover plaintexts via timing measurements of AES-CBC PKCS7 decrypt operations...
CVE-2025-7071 Timing side-channel vulnerability in AES-CBC decryption with PKCS#7 padding in ocrypto library
Padding oracle attack vulnerability in Oberon microsystem AG’s ocrypto library in all versions since 3.1.0 and prior to 3.9.2 allows an attacker to recover plaintexts via timing measurements of AES-CBC PKCS7 decrypt operations...
PT-2025-35196
Name of the Vulnerable Software and Affected Versions: Oberon PSA Crypto library versions 1.0.0 through 1.5.0 Description: A padding oracle attack allows an attacker to recover plaintexts via timing measurements of AES-CBC PKCS7 decrypt operations. Recommendations: Update to version 1.5.1 or late...
PT-2025-35195
Name of the Vulnerable Software and Affected Versions: ocrypto versions 3.1.0 through 3.9.1 Description: A padding oracle attack allows an attacker to recover plaintexts via timing measurements of AES-CBC PKCS7 decrypt operations. Recommendations: Update to a version later than 3.9.1...
Linux Distros Unpatched Vulnerability : CVE-2017-3225
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's u...
Linux Distros Unpatched Vulnerability : CVE-2013-7469
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Seafile through 6.2.11 always uses the same Initialization Vector IV with Cipher Block Chaining CBC Mode to encrypt private data, making it easier to conduct...
Bouncy Castle for Java has Uncontrolled Resource Consumption Vulnerability
Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All API modules allows Excessive Allocation. This vulnerability is associated with program files org/bouncycastle/crypto/fips/AESNativeCBC.Java. This issue affects Bouncy...
CVE-2025-9341 Garbage collection can delay for AES CBC Native support, resulting in heap exhaustion
Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All API modules, Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All API modules allows Excessive Allocation. This vulnerability is associated wi...
CVE-2025-9341 Garbage collection can delay for AES CBC Native support, resulting in heap exhaustion
Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All API modules, Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All API modules allows Excessive Allocation. This vulnerability is associated wi...