CLSA-2026-1778674879 opensc: Fix of CVE-2024-45619

CVE-2024-45619: fix incorrect access of initialized parts of partially filled buffers triggered by crafted APDU responses from USB devices or smart cards...

The vulnerability of the software for agentless monitoring of Solarwinds Server & Application Monitor, related to authentication procedures that allow a hacker to bypass the authentication process and access confidential information.

The vulnerability of the Solarwinds Server & Application Monitor software for agentless monitoring involves deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass the authentication process and gain access to confidential information through...

Code injection

A logic error in the room key sharing functionality of Element Android before 1.2.2 and matrix-android-sdk2 aka Matrix SDK for Android before 1.2.2 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys via crafted Matrix protocol messages that were...

MMM mmm_agentd shell command injection vulnerability (CNVD-2018-15652)

MySQL Multi-Master Replication Manager MMM is a set of flexible scripts that performs monitoring/failover and management of MySQL master-master replication configurations. mmmagentd is an agent daemon that runs on each MySQL server and provides a simple set of remote services to the monitoring...

Design/Logic Flaw

A Padding Oracle exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 Java and OSCI Transport Library 1.6 .NET. Under an MITM condition within the OSCI infrastructure, an attacker needs to send crafted protocol messages to analyse the CBC mode padding in order to decrypt the...

CVE-2017-10669

Signature Wrapping exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 Java and OSCI Transport Library 1.6 .NET. An attacker with access to unencrypted OSCI protocol messages must send crafted protocol messages with duplicate IDs...

CVE-2017-10669

Signature Wrapping exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 Java and OSCI Transport Library 1.6 .NET. An attacker with access to unencrypted OSCI protocol messages must send crafted protocol messages with duplicate IDs...