2861 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-3108
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the subsequent get_user_pages_fast in the Linux kernel's interface for symmetric key cipher algorithms in the skcipher_recvmsg of...
crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare()
...
crypto: marvell/cesa - Handle zero-length skcipher requests
...
The vulnerability of the build-ca command in the Easy-RSA certificate management tool allows an attacker to execute a brute-force attack.
The vulnerability of the build-ca command in the Easy-RSA certificate management tool is related to insufficient data encryption due to the use of the cipher:des-ede3-cbc algorithm. Exploiting this vulnerability allows an attacker to execute a brute-force attack...
NewStart CGSL MAIN 7.02 : openssl Multiple Vulnerabilities (NS-SA-2025-0124)
The remote NewStart CGSL host, running version MAIN 7.02, has openssl packages installed that are affected by multiple vulnerabilities: - Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns durin...
CVE-2025-49087
A flaw was found in mbedtls. A timing vulnerability exists within the PKCS7 padding removal process for block ciphers, allowing a remote attacker to potentially recover plaintext data. This exploitation occurs through the observation of the time it takes to process a crafted ciphertext, resulting...
IBM OpenPages with Watson Encryption Issue Vulnerability
IBM OpenPages with Watson is an AI-powered financial risk analytics solution from International Business Machines (IBM). The platform is based on AI technology to predict risk factors and minimize risks in financial activities by integrating, automatically identifying, measuring, monitoring,...
CVE-2025-49087
In Mbed TLS 3.6.1 through 3.6.3 before 3.6.4, a timing discrepancy in block cipher padding removal allows an attacker to recover the plaintext when PKCS7 padding mode is used...
Covert Timing Channel
Overview Affected versions of this package are vulnerable to Covert Timing Channel in block cipher padding removal. An attacker can recover plaintext data by exploiting timing discrepancies during decryption when PKCS7 padding mode is used. Remediation Upgrade mbedtls to version 3.6.4 or higher...
CVE-2025-49087
The issue CVE-2025-49087 affects Mbed TLS 3.6.1–3.6.3 (pre-3.6.4) and is caused by a timing discrepancy in block cipher padding removal (PKCS#7), enabling plaintext recovery. IBM’s Power Systems bulletin confirms impact on PowerVM Hypervisor and provides remediation paths: install FW1110.10 (1110...
Azure Linux 3.0 Security Update: libssh (CVE-2025-5987)
The version of libssh installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-5987 advisory. - A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to...
CBL Mariner 2.0 Security Update: libssh (CVE-2025-5987)
The version of libssh installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-5987 advisory. - A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to...
CVE-2025-7398
The CVE-2025-7398 issue affects Brocade ASCG prior to version 3.3.0. The vulnerability arises from the use of medium-strength cryptography on internal ports 9000 and 8036, potentially reducing cryptographic strength for traffic on those ports. Descriptions across multiple sources consistently ref...
The vulnerability of the sun8i_ce_cipher_prepare() function in the drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c module of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the sun8i_ce_cipher_prepare() function in the drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c module of the Linux operating system is related to improper release of resources. Exploiting this vulnerability could allow an attacker to cause a service failure...
SUSE CVE-2025-6395
A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite()...
SUSE CVE-2025-38300
In the Linux kernel, the following vulnerability has been resolved: crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() Fix two DMA cleanup issues on the error path in sun8i_ce_cipher_prepare(): 1) If dma_map_sg() fails for areq->dst, the device driver would try to free DMA memory it has no...