Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/14 12:0 a.m.3 views

SUSE SLES15 Security Update : qemu (SUSE-SU-2026:0889-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0889-1 advisory. This update for qemu fixes the following issue: - CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. Tenable has...

5.5CVSS5.9AI score0.00137EPSS
Exploits0References4
OSV
OSV
added 2026/02/18 9:16 p.m.6 views

UBUNTU-CVE-2025-14876

A flaw was found in the virtio-crypto device of QEMU. A malicious guest operating system can exploit a missing length limit in the AKCIPHER path, leading to uncontrolled memory allocation. This can result in a denial of service DoS on the host system by causing the QEMU process to terminate...

5.5CVSS5.8AI score0.00137EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/04 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-23060

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject too-short AAD assoclen8 to match ESP/ESN spec authencesn assumes...

5.5CVSS6AI score0.00123EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 3:0 a.m.5 views

CVE-2023-21179

In parseSecurityParamsFromXml of XmlUtil.java, there is a possible bypass of user specified wifi encryption protocol due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS6.8AI score0.00076EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:17 p.m.8 views

CVE-2020-0259

In androidverityctr of dm-android-verity.c, there is a possible way to modify a dm-verity protected filesystem due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS7.7AI score0.0016EPSS
Exploits0References1
OSV
OSV
added 2024/12/13 3:15 p.m.2 views

CVE-2024-28980

Dell RecoverPoint for VMs, versions 6.0.x contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability in the SSH. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Remote execution...

9.8CVSS5.9AI score0.00546EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/12/01 12:0 a.m.7 views

PT-2023-7530 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions prior to 2023-12-05 security patch Description: The issue is related to the APEX module framework of AOSP, where improperly used crypto could lead to a malicious update of platform components. This could result in local...

7.8CVSS7.7AI score0.00333EPSS
Exploits0References30
SUSE CVE
SUSE CVE
added 2023/02/15 4:25 a.m.2 views

SUSE CVE-2018-14619

A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. The "null skcipher" was being dropped when each afalgctx was freed instead of when the aeadtfm was freed. This can cause the null skcipher to be freed while it is still in use leading to a local user bein...

7.8CVSS7.7AI score0.0043EPSS
Exploits0References4
Schneier on Security
Schneier on Security
added 2019/07/01 10:55 a.m.23 views

Yubico Security Keys with a Crypto Flaw

Wow, is this an embarrassing bug: Yubico is recalling a line of security keys used by the U.S. government due to a firmware flaw. The company issued a security advisory today that warned of an issue in YubiKey FIPS Series devices with firmware versions 4.4.2 and 4.4.4 that reduced the randomness ...

1.6AI score
Exploits0
CNVD
CNVD
added 2018/07/10 12:0 a.m.2 views

Weak Algorithm Vulnerability in Multiple Huawei Products

Huawei eSpace U1981 and so on are products of Huawei China. eSpace U1981 is a voice gateway product. VP9660 is a multimedia switching platform. A weak cryptographic algorithm vulnerability exists in multiple Huawei products. Exploiting the vulnerability, an unauthenticated remote attacker needs t...

5.9CVSS5.5AI score0.01087EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.4 views

The vulnerability of the CentOS operating system allows a malicious attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the rsyslog-crypto-7.4.7 package on the CentOS operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of this vulnerability can be carried out remotely...

7.5CVSS5.4AI score0.07546EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder