CVE-2026-28224

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when the server receives an opcryptkeycallback packet without prior authentication, the portservercryptcallback handler is not initialized, resulting in a null pointer dereference and...

CVE-2026-28224

Firebird CVE-2026-28224 affects Firebird server prior to 5.0.4, 4.0.7, and 3.0.14. When the server receives an op_crypt_key_callback packet without prior authentication, the port_server_crypt_callback handler is not initialized, causing a null pointer dereference and a server crash. An unauthenti...

EUVD-2026-23468

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when the server receives an opcryptkeycallback packet without prior authentication, the portservercryptcallback handler is not initialized, resulting in a null pointer dereference and...

PT-2026-33480

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when the server receives an op crypt key callback packet without prior authentication, the port server crypt callback handler is not initialized, resulting in a null pointer dereference...

Linux Distros Unpatched Vulnerability : CVE-2026-28224

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when the server receives an opcryptkeycallback...

Firebird 安全漏洞

Firebird is a set of open-source, cross-platform relational database management systems provided by the Firebird Foundation, offering multiple ANSI SQL-92 features. Vulnerabilities exist in versions prior to Firebird 5.0.4, 4.0.7, and 3.0.14. These vulnerabilities stem from the server failing to...

CVE-2026-5088

Apache::API::Password versions through 0.5.2 for Perl can generate insecure random values for salts. The makesalt and makesaltbcrypt methods will attept to load Crypt::URandom and then Bytes::Random::Secure to generate random bytes for the salt. If those modules are unavailable, it will simply...

CVE-2026-5086

Crypt::SecretBuffer versions before 0.019 for Perl is suseceptible to timing attacks. For example, if Crypt::SecretBuffer was used to store and compare plaintext passwords, then discrepencies in timing could be used to guess the secret password...

PT-2026-33009

Apache::API::Password versions through v0.5.2 for Perl can generate insecure random values for salts. The make salt and make salt bcrypt methods will attept to load Crypt::URandom and then Bytes::Random::Secure to generate random bytes for the salt. If those modules are unavailable, it will simpl...

EUVD-2026-22136

Crypt::SecretBuffer versions before 0.019 for Perl is suseceptible to timing attacks. For example, if Crypt::SecretBuffer was used to store and compare plaintext passwords, then discrepencies in timing could be used to guess the secret password...

CVE-2026-5086

Crypt::SecretBuffer versions before 0.019 for Perl is suseceptible to timing attacks. For example, if Crypt::SecretBuffer was used to store and compare plaintext passwords, then discrepencies in timing could be used to guess the secret password...

CVE-2026-5086 Crypt::SecretBuffer versions before 0.019 for Perl is suseceptible to timing attacks

Crypt::SecretBuffer versions before 0.019 for Perl is suseceptible to timing attacks. For example, if Crypt::SecretBuffer was used to store and compare plaintext passwords, then discrepencies in timing could be used to guess the secret password...

CVE-2026-5086

CVE-2026-5086 affects Crypt::SecretBuffer

Crypt::SecretBuffer 安全漏洞

Crypt::SecretBuffer is a cryptographic buffer module developed by NERDVANA’s individual developers, designed for secure storage and memory protection of sensitive data. Versions of Crypt::SecretBuffer prior to 0.019 contained security vulnerabilities, which were due to susceptibility to timing...

PT-2026-32548

Perl CPAN CVE-2026-5086: Crypt::SecretBuffer versions before 0.019 is susceptible to timing attacks https://t.co/9mQfUsrqkz For example, if it was used to store and compare plaintext passwords, then discrepancies in timing could be used to guess the secret password...

CVE-2026-5477

An integer overflow existed in the wolfCrypt CMAC implementation, that could be exploited to forge CMAC tags. The function wcCmacUpdate used the guard if cmac-totalSz != 0 to skip XOR-chaining on the first block where digest is all-zeros and the XOR is a no-op. However, totalSz is word32 and wrap...

SUSE-SU-2026:21145-1 Security update for perl-Authen-SASL

This update for perl-Authen-SASL fixes the following issues: Changes in perl-Authen-SASL: - CVE-2025-40918: use Crypt:URandom for generating nonces bsc1246623...

OPENSUSE-SU-2026:20480-1 Security update for perl-Authen-SASL

This update for perl-Authen-SASL fixes the following issues: Changes in perl-Authen-SASL: - CVE-2025-40918: use Crypt:URandom for generating nonces bsc1246623...

SUSE: Security Advisory (SUSE-SU-2026:1170-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : perl-Crypt-URandom (SUSE-SU-2026:1170-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:1170-1 advisory. This update for perl-Crypt-URandom fixes the following issue: Update to 0.550.0 0.55: - CVE-2026-2474: heap buffer overflow in the XS function...