Linux Distros Unpatched Vulnerability : CVE-2022-3358

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSSL supports creating a custom cipher via the legacy EVPCIPHERmethnew function and associated function calls. This function was deprecated in OpenSSL 3.0 an...

Function Call With Incorrect Argument Type

Overview Affected versions of this package are vulnerable to Function Call With Incorrect Argument Type due to insufficient type validation in the update function. An attacker can manipulate input data by supplying crafted objects that cause the hash state to rewind and process unintended data. P...

@5ht/express (>=1.0.6 <=2.2.0), @audius/sdk (>=0.0.3 <=7.1.1) +7 more potentially affected by CVE-2025-9287 via cipher-base (=1.0.4)

cipher-base NPM version =1.0.4 is affected by a known vulnerability. The following packages have a transitive dependency on cipher-base and may be impacted: - @5ht/express =1.0.6, =0.0.3, =6.0.4, =1.0.1, =1.5.2-beta.1, =1.0.0, =1.0.0, =0.2.0-beta.9, =0.2.0-beta.11 Source cves: CVE-2025-9287 Sourc...

Function Call With Incorrect Argument Type

Overview Affected versions of this package are vulnerable to Function Call With Incorrect Argument Type due to insufficient type validation in the update function. An attacker can manipulate input data by supplying crafted objects that cause the hash state to rewind and process unintended data. P...

CVE-2025-9287

Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4...

DEBIAN-CVE-2025-9287

Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4...

CVE-2025-9287

Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4...

UBUNTU-CVE-2025-9287

Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4...

CVE-2025-9287 Missing type checks leading to hash rewind and passing on crafted data

Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4...

CVE-2025-9287 Missing type checks leading to hash rewind and passing on crafted data

Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4...

CVE-2025-9287

Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4...

CVE-2025-9287

CVE-2025-9287 affects cipher-base (Node.js crypto-base) up to version 1.0.4. The root cause is incomplete input type checks during input validation, enabling input data manipulation. Public reports and Debian advisories confirm fixes: node-cipher-base updated to 1.0.4-4+deb11u1 (Debian 11) and la...

PT-2025-34162

Name of the Vulnerable Software and Affected Versions: cipher-base versions through 1.0.4 Description: An improper input validation issue exists in cipher-base, allowing input data manipulation. This is due to missing input type checks, which can lead to invalid value calculations, hash state...

Linux Distros Unpatched Vulnerability : CVE-2023-5363

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: A bug has been identified in the processing of key and initialisation vector IV lengths. This can lead to potential truncation or overruns during...

cipher-base 安全漏洞

cipher-base is an abstract base class for cryptographic streams in the Browserify open source. A security vulnerability exists in cipher-base version 1.0.4 and earlier, which stems from improper input validation and could lead to tampering of input data...

Amazon Linux 2023 : gnutls, gnutls-c++, gnutls-dane (ALAS2023-2025-1140)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1140 advisory. A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name SAN entries containing an otherName...

Cisco Secure Firewall Adaptive Security Appliance和Cisco Secure Firewall Threat Defense 安全漏洞

Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense are both products of Cisco, Inc.Cisco Secure Firewall Adaptive Cisco Secure Firewall Adaptive Security Appliance is an enterprise-class firewall software.Cisco Secure Firewall Threat Defense is an integrate...

Linux Distros Unpatched Vulnerability : CVE-2025-38300

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: sun8i-ce-cipher - fix error handling in sun8icecipherprepare Fix two DMA cleanup issues on the error path in sun8icecipherprepare: 1 If dmamapsg fails f...

Linux Distros Unpatched Vulnerability : CVE-2024-38579

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: bcm - Fix pointer arithmetic In spu2dumpomd value of ptr is increased by ciphkeylen instead of hashivlen which could lead to going beyond the buffer...

Linux Distros Unpatched Vulnerability : CVE-2018-0498

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery for a CBC based ciphersuite via a cache-bas...