765 matches found
EUVD-2023-2597
Malicious code in bioql PyPI...
EUVD-2022-26190
Malicious code in bioql PyPI...
EUVD-2024-27192
Malicious code in bioql PyPI...
EUVD-2021-33400
Malicious code in bioql PyPI...
EUVD-2025-26091
Malicious code in bioql PyPI...
EUVD-2023-58486
Malicious code in bioql PyPI...
Optimal Untelegraphable Encryption and Implications for Uncloneable Encryption
We investigate the notion of untelegraphable encryption UTE, a quantum encryption primitive that is a special case of uncloneable encryption UE, where the adversary's capabilities are restricted to producing purely classical information rather than arbitrary quantum states. We present an...
Obelix: Mitigating Side-Channels through Dynamic Obfuscation
Trusted execution environments TEEs offer hardware-assisted means to protect code and data. However, as shown in numerous results over the years, attackers can use side-channels to leak data access patterns and even single-step the code. While the vendors are slowly introducing hardware-based...
Erlang/OTP (Erlang OTP) Adaptive Chosen Ciphertext Vulnerability (GHSA-mhm2-354q-3277) - Linux
Erlang/OTP Erlang OTP is prone to an adaptive chosen ciphertext vulnerability in the ssl component. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Erlang/OTP (Erlang OTP) Adaptive Chosen Ciphertext Vulnerability (GHSA-mhm2-354q-3277) - Windows
Erlang/OTP Erlang OTP is prone to an adaptive chosen ciphertext vulnerability in the ssl component. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
1965 Cryptanalysis Training Workbook Released by the NSA
In the early 1960s, National Security Agency cryptanalyst and cryptanalysis instructor Lambros D. Callimahos coined the term "Stethoscope" to describe a diagnostic computer program used to unravel the internal structure of pre-computer ciphertexts. The term appears in the newly declassified...
Linux Distros Unpatched Vulnerability : CVE-2019-6690
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg...
SUSE CVE-2025-38608
In the Linux kernel, the following vulnerability has been resolved: bpf, ktls: Fix data corruption when using bpfmsgpopdata in ktls When sending plaintext data, we initially calculated the corresponding ciphertext length. However, if we later reduced the plaintext data length via socket policy, w...
DEBIAN-CVE-2025-38608
In the Linux kernel, the following vulnerability has been resolved: bpf, ktls: Fix data corruption when using bpfmsgpopdata in ktls When sending plaintext data, we initially calculated the corresponding ciphertext length. However, if we later reduced the plaintext data length via socket policy, w...
CVE-2025-38608
In the Linux kernel, the following vulnerability has been resolved: bpf, ktls: Fix data corruption when using bpfmsgpopdata in ktls When sending plaintext data, we initially calculated the corresponding ciphertext length. However, if we later reduced the plaintext data length via socket policy, w...
AZL-73602 CVE-2025-38608 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: bpf, ktls: Fix data corruption when using bpfmsgpopdata in ktls When sending plaintext data, we initially calculated the corresponding ciphertext length. However, if we later reduced the plaintext data length via socket policy, w...
AZL-66461 CVE-2025-38608 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: bpf, ktls: Fix data corruption when using bpfmsgpopdata in ktls When sending plaintext data, we initially calculated the corresponding ciphertext length. However, if we later reduced the plaintext data length via socket policy, w...
CVE-2025-38608 bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls
In the Linux kernel, the following vulnerability has been resolved: bpf, ktls: Fix data corruption when using bpfmsgpopdata in ktls When sending plaintext data, we initially calculated the corresponding ciphertext length. However, if we later reduced the plaintext data length via socket policy, w...
CVE-2025-38608 bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls
In the Linux kernel, the following vulnerability has been resolved: bpf, ktls: Fix data corruption when using bpfmsgpopdata in ktls When sending plaintext data, we initially calculated the corresponding ciphertext length. However, if we later reduced the plaintext data length via socket policy, w...
CVE-2025-38608
The CVE-2025-38608 issue is a Linux kernel vulnerability in bpf/ktls that can cause data corruption by failing to recalculate ciphertext length after plaintext length reduction via socket policy, resulting in uninitialized data being transmitted in TLS records. The impact is network-layer data in...