CVE-2026-46077

A flaw was found in the Linux kernel's atmel-tdes cryptographic module. This vulnerability arises from an incorrect DMA Direct Memory Access synchronization direction, which can cause the system to process outdated data from the cache on non-coherent platforms. The primary consequence is the...

CVE-2026-43033

A flaw was found in the Linux kernel's authencesn cryptographic module. When performing out-of-place decryption where source and destination data buffers are different, the system incorrectly handles high-order sequence bits. This leads to improper data rearrangement before hashing, which could...

EUVD-2022-29296

Malicious code in bioql PyPI...

EUVD-2023-24778

Malicious code in bioql PyPI...

Azure Linux 3.0 Security Update: libssh (CVE-2025-5372)

The version of libssh installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-5372 advisory. - A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf...

CVE-2023-20599

Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP’s Crypto Co-Processor CCP registers from x86 resulting in potential loss of control of cryptographic key pointer/index leading to loss of integrity or confidentiality...

CVE-2023-20599

CVE-2023-20599 describes an improper register access control in AMD’s ASP Crypto Co-Processor (CCP). The issue may allow a privileged attacker to access CCP registers from x86, risking loss of control of cryptographic key pointers/indices and potentially compromising confidentiality and integrity...

CVE-2022-24404

Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream cipher is employed, this allows an active adversary to manipulate cleartext data in a bit-by-bit fashion...

CVE-2022-24404

Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream cipher is employed, this allows an active adversary to manipulate cleartext data in a bit-by-bit fashion...

CVE-2022-24404

Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream cipher is employed, this allows an active adversary to manipulate cleartext data in a bit-by-bit fashion...

Design/Logic Flaw

Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream cipher is employed, this allows an active adversary to manipulate cleartext data in a bit-by-bit fashion...

CVE-2022-24404 Ciphertext Malleability in TETRA

Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream cipher is employed, this allows an active adversary to manipulate cleartext data in a bit-by-bit fashion...

CVE-2022-24404 Ciphertext Malleability in TETRA

Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream cipher is employed, this allows an active adversary to manipulate cleartext data in a bit-by-bit fashion...

CVE-2022-24404

CVE-2022-24404 describes a lack of ciphertext authentication in TETRA’s Air Interface Encryption (AIE)/TEA1, enabling an active attacker to perform bit-by-bit manipulations of the intercepted traffic (ciphertext malleability) and alter cleartext data. The root cause is absence of integrity/authen...

PT-2023-12752 · Tetra · Tetra

Name of the Vulnerable Software and Affected Versions: TETRA affected versions not specified Description: The issue is related to a lack of cryptographic integrity check on TETRA air-interface encrypted traffic. This allows an active adversary to manipulate cleartext data in a bit-by-bit fashion...

CVE-2022-36360

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Affected devices load firmware updates without checking the authenticity. Furthermore the integrity of the unencrypted firmware is only verified by a non-cryptographic method. This could allow an attacker t...

Authentic Credentials Recreation

vp-toolkit is vulnerable to authentic credentials recreation. The verifyVerifiableCredential function fails to correctly verify the credential.issuer DID against the signer of the credential during its cryptographic level integerity check, allowing a malicious holder of the credential to recreate...

Credentials Verification Bypass

vp-toolkit is vulnerable to credentials verification bypass. The verifyVerifiablePresentation function verifies the cryptographic integrity of the Verifiable Presentation but failure to check if the credentialSubject.id matches the signer of the VP proof allows to bypass the verification...

GHSA-P94W-42G3-F7H4 Holder can (re)create authentic credentials after receiving a credential in vp-toolkit

Impact The verifyVerifiableCredential method check the cryptographic integrity of the Verifiable Credential, but it does not check if the credential.issuer DID matches the signer of the credential. The verifier is impacted by this vulnerability. Patches Patch will be available in version 0.2.2...

GHSA-FF5X-W9WG-H275 Holder can generate proof of ownership for credentials it does not control in vp-toolkit

Impact The verifyVerifiablePresentation method check the cryptographic integrity of the Verifiable Presentation, but it does not check if the credentialSubject.id DID matches the signer of the VP proof. The verifier is impacted by this vulnerability. Patches Patch will be available in version...