USN-8280-3: Linux kernel (IoT) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

USN-8305-2: Linux kernel (Low Latency) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

TestSSL 3.2.3

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in pure bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets...

CVE-2025-34192

Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.893 and Application versions prior to 20.0.2140 macOS/Linux client deployments are built against OpenSSL 1.0.2h-fips released May 2016, which has been end-of-life since 2019 and is no longer supported by the OpenSSL...

TestSSL 3.2.2

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in pure bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets...

The Cybersecurity of a Humanoid Robot

The rapid advancement of humanoid robotics presents unprecedented cybersecurity challenges that existing theoretical frameworks fail to adequately address. This report presents a comprehensive security assessment of a production humanoid robot platform, bridging the gap between abstract security...

CVE-2025-48823

Cryptographic issues in Windows Cryptographic Services allows an unauthorized attacker to disclose information over a network...

TestSSL 3.0.10

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in pure bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets...

TestSSL 3.2.1

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in pure bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets...

The vulnerability of the IBM MQ Operator software, which manages containerized environments, stems from the use of cryptographic algorithms that contain defects. This allows attackers to exploit these vulnerabilities to disclose protected information.

The vulnerability of the IBM MQ Operator, a software tool for managing containerized environments, is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose protected information...

CVE-2024-41763 IBM Engineering Lifecycle Optimization - Publishing information disclosure

IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

Fortinet FortiWeb Multiple cryptographic flaws allow for full LDAP and RADIUS passwords compromise (FG-IR-20-222)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-20-222 advisory. - A missing cryptographic steps vulnerability in the function that encrypts users' LDAP and RADIUS credentials in FortiSandbox...

PT-2024-40386 · Olm-Rs +3 · Olm-Rs +3

Name of the Vulnerable Software and Affected Versions: olm-sys affected versions not specified olm-rs affected versions not specified Description: The Matrix Foundation has officially deprecated the libolm library due to several publicly disclosed cryptographic vulnerabilities. As a result,...

The vulnerability of the Dell Isilon InsightIQ analytical platform for monitoring performance and generating reports lies in its use of cryptographic algorithms, which have defects and risks. This allows attackers to exploit these vulnerabilities to disclose protected information.

The vulnerability of the Dell Isilon InsightIQ performance monitoring and reporting platform relates to the use of cryptographic algorithms that contain vulnerabilities and risks. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...

PT-2024-41463 · Moxa · Moxa Eds-510E

Уязвимость микропрограммного обеспечения коммутаторов Moxa EDS-510A связана с использованием криптографических алгоритмов, содержащих дефекты. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, повысить свои привилегии...

PT-2024-4764 · Энтек · Энтек

Name of the Vulnerable Software and Affected Versions: ЭНТЕК affected versions not specified Description: The issue is related to the use of flawed cryptographic algorithms in the SCADA system, which could allow an attacker to gain unauthorized access to protected information. Recommendations: At...

The vulnerability of the IBM MQ Operator software, which manages containerized environments and relies on cryptographic algorithms, contains defects that allow attackers to compromise protected information.

The vulnerability of the IBM MQ Operator, a software tool for managing containerized environments, is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow an attacker to disclose protected information...

DTLS: Deprecated DTLSv1.0 Detection

It was possible to detect the usage of the deprecated DTLSv1.0 protocol on this system. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

PT-2023-36415 · Moxa · Nport 5600

Уязвимость микропрограммного обеспечения асинхронного сервера Moxa NPort 5600 связана с использованием криптографических алгоритмов, содержащих дефекты. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, получить несанкционированный доступ к устройству...

The vulnerability of the JSE component of the Oracle Java SE software platform and the Oracle GraalVM Enterprise Edition virtual machine allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the JSE component of Oracle Java SE software and the Oracle GraalVM Enterprise Edition virtual machine is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized...