14 matches found
EUVD-2018-17684
Malware in sbrugna...
EUVD-2015-9011
Malware in sbrugna...
EUVD-2019-18300
Malware in sbrugna...
CVE-2025-46672
NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially leading to spacecraft hijacking...
CVE-2025-46672
NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially leading to spacecraft hijacking...
CVE-2025-46672
Summary : CVE-2025-46672 affects NASA CryptoLib up to v1.3.1 (before 1.3.2). The root cause is that the OTAR crypto function return status is not checked, which could allow incorrect handling of OTAR results and potentially enable spacecraft hijacking. Impact : the issue is described as a securit...
CVE-2025-46672
NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially leading to spacecraft hijacking...
CVE-2025-46672
NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially leading to spacecraft hijacking...
CVE-2025-22030
In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix cryptofreeacomp deadlock in zswapcpucompdead Currently, zswapcpucompdead calls cryptofreeacomp while holding the per-CPU acompctx mutex. cryptofreeacomp then holds scomplock through cryptoexitscompopsasync. On the...
PT-2023-4546 · Node.Js +10 · Node.Js +10
Name of the Vulnerable Software and Affected Versions: Node.js versions v16, v18, and v20 Description: The issue is related to insufficient input validation in the crypto.X509Certificate function. When an invalid public key is used to create an x509 certificate, a non-expected termination occurs,...
Security Bulletin: Vulnerabilities in GSKit fixed in IBM Security/Tivoli Directory Server (CVE-2015-0138, CVE-2015-0159)
Summary GSKit is an IBM component that is used by IBM Security/Tivoli Directory Server. The GSKit that is shipped with IBM Security/Tivoli Directory Server contains multiple security vulnerabilities including the “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability...
Encryption 101: ShiOne ransomware case study
In part one of this series, Encryption 101: a malware analyst's primer, we introduced some of the basic encryption concepts used in malware. If you haven't read it, we suggest going back for a review, as it's necessary in order to be able to fully follow part two, our case study. In this study, w...
CVE-2013-2061
The openvpndecrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the CBC mode cipher...
Low: openvpn
Issue Overview: The openvpndecrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the C...