OSV-2025-491 Heap-buffer-overflow in libssl.soNUMBER

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=427814448 Crash type: Heap-buffer-overflow READ 5 Crash state: libssl.soNUMBER libssl.soNUMBER SSLCTXsetcipherlist...

UBUNTU-CVE-2025-5987

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...

SUSE CVE-2025-5987

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...

A Comparative Study and Implementation of Key Derivation Functions Standardized by NIST and IEEE

Since many applications and services require pseudorandom numbers PRNs, it is feasible to generate specific PRNs under given key values and input messages using Key Derivation Functions KDFs. These KDFs are primarily constructed based on Message Authentication Codes MACs, where the MAC serves as ...

Bidirectional Biometric Authentication Using Transciphering and (T)FHE

Biometric authentication systems pose privacy risks, as leaked templates such as iris or fingerprints can lead to security breaches. Fully Homomorphic Encryption FHE enables secure encrypted evaluation, but its deployment is hindered by large ciphertexts, high key overhead, and limited trust...

Security update for python-cryptography

This update for python-cryptography fixes the following issues: CVE-2025-3416: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242631 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch...

Oracle-Based Multistep Strategy for Solving Polynomial Systems over Finite Fields and Algebraic Cryptanalysis of the Aradi Cipher

The multistep solving strategy consists in a divide-and-conquer approach: when a multivariate polynomial system is computationally infeasible to solve directly, one variable is assigned over the elements of the base finite field, and the procedure is recursively applied to the resulting simplifie...

react-native-keys insecurely stores encryption cipher and Base64 chunks

react-native-keys 0.7.11 is vulnerable to sensitive information disclosure remote as encryption cipher and Base64 chunks are stored as plaintext in the compiled native binary. Attackers can extract these secrets using basic static analysis tools...

GHSA-FJ44-H6XW-896G react-native-keys insecurely stores encryption cipher and Base64 chunks

react-native-keys 0.7.11 is vulnerable to sensitive information disclosure remote as encryption cipher and Base64 chunks are stored as plaintext in the compiled native binary. Attackers can extract these secrets using basic static analysis tools...

CVE-2025-45001

react-native-keys 0.7.11 is vulnerable to sensitive information disclosure remote as encryption cipher and Base64 chunks are stored as plaintext in the compiled native binary. Attackers can extract these secrets using basic static analysis tools...

CVE-2025-45001

CVE-2025-45001 affects react-native-keys 0.7.11. The issue is that encryption cipher data and Base64 chunks are stored as plaintext in the compiled native binary, enabling leakage of secrets through basic static analysis. Documents consistently describe this as a remote information-disclosure vul...

PT-2025-24542 · Unknown · React-Native-Keys

Name of the Vulnerable Software and Affected Versions: react-native-keys version 0.7.11 Description: The issue concerns sensitive information disclosure, where encryption cipher and Base64 chunks are stored as plaintext in the compiled native binary. Attackers can extract these secrets using basi...

Security Bulletin: IBM CloudPak for Data Scheduling Service is vulernable to the Sweet32 attack.

Summary The 3DES cipher was available in some TLS cipher suites. Vulnerability Details CVEID:CVE-2016-2183 DESCRIPTION: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which...

Security update for 389-ds

This update for 389-ds fixes the following issues: Security fixes: CVE-2025-3416: Fixed use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242666 Other fixes: Enable memory accounting as SUSE disables it by default bsc1241016. Fix dsidm service getdn option failing bsc1241988...

CVE-2023-41927

The server supports at least one cipher suite which is on the NCSC-NL list of cipher suites to be phased out, increasing the risk of cryptographic weaknesses...

CVE-2023-48056

PyPinkSign v0.5.1 uses a non-random or static IV for Cipher Block Chaining CBC mode in AES encryption. This vulnerability can lead to the disclosure of information and communications...

CVE-2023-22912

An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. CheckUser TokenManager insecurely uses AES-CTR encryption with a repeated aka re-used nonce, allowing an adversary to decrypt...

CVE-2023-23300

The Toybox.Cryptography.Cipher.initialize API method in CIQ API version 3.0.0 through 4.1.7 does not validate its parameters, which can result in buffer overflows when copying data. A malicious application could call the API method with specially crafted parameters and hijack the execution of the...

CVE-2023-2158

Code Dx versions prior to 2023.4.2 are vulnerable to user impersonation attack where a malicious actor is able to gain access to another user's account by crafting a custom "Remember Me" token. This is possible due to the use of a hard-coded cipher which was used when generating the token. A...

CVE-2022-25219

A null byte interaction error has been discovered in the code that the telnetdstartup daemon uses to construct a pair of ephemeral passwords that allow a user to spawn a telnet service on the router, and to ensure that the telnet service persists upon reboot. By means of a crafted exchange of UDP...