79 matches found
USN-8148-3: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Netfilter; - Network traffic control; CVE-2026-23060, CVE-2026-23074, CVE-2026-23111...
CVE-2024-58041
Smolder versions through 1.51 for Perl uses insecure rand function for cryptographic functions. Smolder 1.51 and earlier for Perl uses the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Specifically Smolder::DB::Developer uses t...
CVE-2024-58041 Smolder versions through 1.51 for Perl uses insecure rand() function for cryptographic functions
Smolder versions through 1.51 for Perl uses insecure rand function for cryptographic functions. Smolder 1.51 and earlier for Perl uses the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Specifically Smolder::DB::Developer uses t...
USN-7906-2 linux-gcp vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - Cryptographic API; - Android drivers; - TTY drivers; - F2FS file system; - 9P file system netwo...
MGASA-2025-0279 Updated perl-Data-Entropy packages fix security vulnerability
Data::Entropy for Perl uses insecure rand function for cryptographic functions. CVE-2025-1860...
EUVD-2021-0760
Malware in sbrugna...
EUVD-2021-0803
Malware in sbrugna...
EUVD-2021-0876
Malware in sbrugna...
EUVD-2019-11501
Malware in sbrugna...
EUVD-2024-20737
Malicious code in bioql PyPI...
DEBIAN-CVE-2025-8114
A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange KEX process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash...
CVE-2025-8114
A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange KEX process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash...
CVE-2025-8114 Libssh: null pointer dereference in libssh kex session id calculation
A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange KEX process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash...
Out-of-Bounds read vulnerability in TCG TPM2.0 reference implementation
Overview An out-of-bounds OOB read vulnerability has been identified in the Trusted Platform Module TPM 2.0 reference library specification, currently at Level 00, Revision 01.83 March 2024. An attacker with access to a TPM command interface can exploit this vulnerability by sending specially...
CVE-2021-29444
jose-browser-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AESCBCHMACSHA2 Algorithm A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 decryption would always execute both HMAC tag verification and CBC decryption, if either failed...
CVE-2019-25052
In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call update and final cryptographic functions directly, causing a crash that could leak sensitive information...
PT-2025-17971 · Nasa · Nasa Cryptolib
Name of the Vulnerable Software and Affected Versions: NASA CryptoLib versions prior to 1.3.2 Description: The issue arises from NASA CryptoLib using Extended Procedures that are a Work in Progress, not intended for use during flight, potentially leading to a keystream oracle. Recommendations: Fo...
CVE-2024-56370
Net::Xero 0.044 and earlier for Perl uses the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Specifically Net::Xero uses the Data::Random library which specifically states that it is "Useful mostly for test programs". Data::Rand...
CVE-2024-58036
Net::Dropbox::API 1.9 and earlier for Perl uses the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Specifically Net::Dropbox::API uses the Data::Random library which specifically states that it is "Useful mostly for test...
CVE-2024-57868
Web::API 2.8 and earlier for Perl uses the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Specifically Web::API uses the Data::Random library which specifically states that it is "Useful mostly for test programs". Data::Random...