Lucene search
K

9400 matches found

Nuclei
Nuclei
added 11 hours ago115 views

Crypto <= 2.15 - Authentication Bypass

The Crypto plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.15. This is due a to limited arbitrary method call to 'cryptoconnectajaxprocess::login' function in the 'cryptoconnectajaxprocess' function. This makes it possible for unauthenticated...

9.8CVSS6.1AI score0.07217EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added yesterday5 views

crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries

A flaw was found in the crypto/x509 package of golang. This vulnerability allows a remote attacker to cause a Denial of Service DoS by presenting a specially crafted X.509 certificate with a large number of DNS Subject Alternative Name SAN entries. The certificate verification process, specifical...

7.5CVSS6AI score0.00904EPSS
Exploits0References8
IBM Security Bulletins
IBM Security Bulletins
added yesterday13 views

Security Bulletin: IBM Storage Scale System: Vulnerability in Linux kernel crypto subsystem could allow local privilege escalation (CVE-2026-31431)

Summary IBM Storage Scale Systems is affected by a security vulnerability identified in the Linux kernel's cryptographic interface CVE-2026-31431 that could allow a local user with low privileges to escalate to root privileges. The vulnerability has a CVSS score of 7.8 High and requires local...

7.8CVSS6.7AI score0.96267EPSS
Exploits228Affected Software1
RedHat Linux
RedHat Linux
added yesterday5 views

golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate

A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to...

7.5CVSS5.9AI score0.00369EPSS
Exploits0References8
EUVD
EUVD
added 2 days ago3 views

EUVD-2026-41908

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA PKCS1 v1.5 decryption implementation in the Hisilicon HPRE crypto driver...

2.5CVSS6AI score0.00096EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-41514

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the Hisilicon HPRE crypto driver uses...

2.5CVSS6AI score0.00096EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2 days ago3 views

DEBIAN-CVE-2026-40257

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.21.0 and prior to version 4.11.0, the ARM Crypto Extensions accelerated SHA-3 implementation has an off-by-one erro...

5.5CVSS6AI score0.00109EPSS
Exploits0References1
NVD
NVD
added 2 days ago7 views

CVE-2026-40257

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.21.0 and prior to version 4.11.0, the ARM Crypto Extensions accelerated SHA-3 implementation has an off-by-one erro...

5.5CVSS0.00109EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago34 views

CVE-2026-40257 OP-TEE has SHA-3 accelerated finalize heap overflow

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.21.0 and prior to version 4.11.0, the ARM Crypto Extensions accelerated SHA-3 implementation has an off-by-one erro...

5.5CVSS0.00109EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 days ago5 views

CVE-2026-40257

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.21.0 and prior to version 4.11.0, the ARM Crypto Extensions accelerated SHA-3 implementation has an off-by-one erro...

5.5CVSS6AI score0.00109EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2 days ago4 views

EUVD-2026-41891

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.21.0 and prior to version 4.11.0, the ARM Crypto Extensions accelerated SHA-3 implementation has an off-by-one erro...

5.5CVSS6AI score0.00109EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2 days ago3 views

RockyLinux 8 : container-tools:rhel8 (RLSA-2026:35833)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:35833 advisory. github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption JWE object CVE-2026-34986...

9.1CVSS6.9AI score0.00651EPSS
Exploits0References11
OSV
OSV
added 4 days ago4 views

MAL-2026-6754 Malicious code in yt-api-dlp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c3b9ca286cef4b241ded9603c192ce5b13e155cad9b017ee3f89b98674065374 During import, this malicious copy of a legitimate package downloads an encrypted data disguise as an image. It contains an archive with a next-stage script th...

6AI score
Exploits0References4
OSV
OSV
added 6 days ago5 views

USN-8498-1 linux-nvidia-tegra vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...

9.8CVSS6.4AI score0.00686EPSS
Exploits4References298
OSV
OSV
added 6 days ago4 views

ALSA-2026:34911 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: fs/smb/client: fix out-of-bounds read in cifssanitizeprepath CVE-2026-43112 kernel: rxrpc: Fix potential UAF after skbunshare failure CVE-2026-45998 kernel: drm/gem: Fix inconsistent plan...

9.3CVSS6.5AI score0.00474EPSS
Exploits0References14
OSV
OSV
added 2026/07/01 4:43 p.m.6 views

USN-8488-1 linux, linux-aws, linux-gcp, linux-ibm, linux-oracle, linux-realtime vulnerabilities

It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker could use this to expose sensitive information. CVE-2025-54505 Several security issues were discovered in the Linux kernel. An attacker could...

9.8CVSS6.8AI score0.00675EPSS
Exploits8References237
RedHat Linux
RedHat Linux
added 2026/07/01 12:15 p.m.4 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...

7.5CVSS7.1AI score0.00621EPSS
Exploits0References8
OSV
OSV
added 2026/07/01 9:49 a.m.7 views

ROOT-APP-GOBINARY-CVE-2026-39827 CVE-2026-39827 in rootio-golang.org/x/crypto - Patched by Root

Root has patched CVE-2026-39827 in the rootio-golang.org/x/crypto package for Root:Go. Multiple fixed versions available...

6.5CVSS5.8AI score0.00196EPSS
Exploits0
OSV
OSV
added 2026/07/01 9:49 a.m.7 views

ROOT-APP-GOBINARY-CVE-2026-39829 CVE-2026-39829 in rootio-golang.org/x/crypto - Patched by Root

Root has patched CVE-2026-39829 in the rootio-golang.org/x/crypto package for Root:Go. Multiple fixed versions available...

7.5CVSS5.8AI score0.004EPSS
Exploits0
OSV
OSV
added 2026/07/01 9:49 a.m.7 views

ROOT-APP-GOBINARY-CVE-2026-39834 CVE-2026-39834 in rootio-golang.org/x/crypto - Patched by Root

Root has patched CVE-2026-39834 in the rootio-golang.org/x/crypto package for Root:Go. Multiple fixed versions available...

9.1CVSS5.8AI score0.00466EPSS
Exploits0
Rows per page
Query Builder