Lucene search
K

5444 matches found

Fedora
Fedora
added 2 days ago8 views

[SECURITY] Fedora 44 Update: perl-Crypt-DSA-1.22-1.fc44

Crypt::DSA is an implementation of the DSA Digital Signature Algorithm signature verification system. This package provides DSA signing, signature verification, and key generation. DSA Digital Signature Algorithm signatures are no longer considered to be adequate for security. This module should...

7.5CVSS6.1AI score0.00508EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 4 days ago7 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Go Cryptography vulnerabilities (USN-8519-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8519-1 advisory. Jakub Ciolek and Nicola Murino discovered that Go Cryptography incorrectly handled SSH agent responses. A...

7.5CVSS6.8AI score0.00868EPSS
Exploits1References3
OSV
OSV
added 5 days ago10 views

ROOT-APP-PYPI-CVE-2026-39892 CVE-2026-39892 in rootio-cryptography - Patched by Root

Root has patched CVE-2026-39892 in the rootio-cryptography package for Root:PyPI. Multiple fixed versions available...

5.3CVSS5.8AI score0.00652EPSS
Exploits0
OSV
OSV
added 5 days ago5 views

ROOT-APP-PYPI-GHSA-537C-GMF6-5CCF GHSA-537c-gmf6-5ccf in rootio-cryptography - Patched by Root

Root has patched GHSA-537c-gmf6-5ccf in the rootio-cryptography package for Root:PyPI. Multiple fixed versions available...

5.9AI score
Exploits0
Ubuntu
Ubuntu
added 5 days ago5 views

USN-8519-1: Go Cryptography vulnerabilities

Jakub Ciolek and Nicola Murino discovered that Go Cryptography incorrectly handled SSH agent responses. An attacker could use this to cause a denial of service. CVE-2025-47913 Yuichi Watanabe discovered that Go Cryptography incorrectly handled SSH key exchanges. An attacker could use this to caus...

7.5CVSS6.8AI score0.00868EPSS
Exploits1
OSV
OSV
added 5 days ago8 views

ROOT-APP-PYPI-CVE-2026-26007 CVE-2026-26007 in rootio-cryptography - Patched by Root

Root has patched CVE-2026-26007 in the rootio-cryptography package for Root:PyPI. Multiple fixed versions available...

6.5CVSS5.4AI score0.00341EPSS
Exploits0
OSV
OSV
added 5 days ago7 views

ROOT-APP-PYPI-CVE-2026-34073 CVE-2026-34073 in rootio-cryptography - Patched by Root

Root has patched CVE-2026-34073 in the rootio-cryptography package for Root:PyPI. Multiple fixed versions available...

5.3CVSS5.8AI score0.00154EPSS
Exploits0
RedHat Linux
RedHat Linux
added 5 days ago6 views

golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate

A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to...

7.5CVSS5.9AI score0.00394EPSS
Exploits0References8
OSV
OSV
added 5 days ago10 views

ROOT-APP-PYPI-CVE-2024-12797 CVE-2024-12797 in rootio-cryptography - Patched by Root

Root has patched CVE-2024-12797 in the rootio-cryptography package for Root:PyPI. Multiple fixed versions available...

6.3CVSS6AI score0.02439EPSS
Exploits0
RedHat Linux
RedHat Linux
added 6 days ago4 views

golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions

A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate...

8.8CVSS6.1AI score0.00314EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 6 days ago4 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...

7.5CVSS7.1AI score0.00621EPSS
Exploits0References8
OSV
OSV
added 6 days ago6 views

ROOT-APP-PYPI-CVE-2023-50782 CVE-2023-50782 in rootio-cryptography - Patched by Root

Root has patched CVE-2023-50782 in the rootio-cryptography package for Root:PyPI. Multiple fixed versions available...

7.5CVSS7.1AI score0.01118EPSS
Exploits0
OSV
OSV
added 6 days ago9 views

ROOT-APP-PYPI-CVE-2023-49083 CVE-2023-49083 in rootio-cryptography - Patched by Root

Root has patched CVE-2023-49083 in the rootio-cryptography package for Root:PyPI. Multiple fixed versions available...

5.9CVSS5.2AI score0.00985EPSS
Exploits1
OSV
OSV
added 6 days ago9 views

ROOT-APP-PYPI-CVE-2023-0286 CVE-2023-0286 in rootio-cryptography - Patched by Root

Root has patched CVE-2023-0286 in the rootio-cryptography package for Root:PyPI. Multiple fixed versions available...

7.4CVSS8.2AI score0.59501EPSS
Exploits0
CVE
CVE
added last week37 views

CVE-2026-46354

Summary: A PKCS#7 signature bypass in Coder (Coder v2 before patches) allows unauthenticated token theft via Azure instance identity. The issue stems from azureidentity.Validate() validating only the signer certificate chain, not the signature itself, enabling forged PKCS#7 envelopes containing a...

9.1CVSS6.1AI score0.0026EPSS
Exploits0References8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added last week4 views

Security Bulletin: QRadar App SDK for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. Investigation Assistant App for IBM QRadar App SDK has addressed the applicable CVEs in an update. Vulnerability Details CVEID:CVE-2026-39892 DESCRIPTION:...

9.8CVSS6.2AI score0.02667EPSS
Exploits0Affected Software1
Debian CVE
Debian CVE
added last week6 views

CVE-2026-14969

A flaw was found in 389-ds-base where the LDBM backend attribute encryption uses a hardcoded static initialization vector for AES-CBC and 3DES-CBC operations, allowing an attacker with privileged filesystem access to detect plaintext equality across encrypted entries by comparing ciphertext block...

4.4CVSS5.9AI score0.00077EPSS
Exploits0
RedHat Linux
RedHat Linux
added last week14 views

Important: Red Hat Security Advisory: buildah security update

An update for buildah is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

9.1CVSS7.2AI score0.00533EPSS
Exploits0References5
CVE
CVE
added 2026/07/06 8:24 a.m.18 views

CVE-2026-43867

The CVE concerns Apache Camel’s PQC component where AwsSecretsManagerKeyLifecycleManager.deserializeMetadata() Base64-decodes and deserializes persisted KeyMetadata via a raw java.io.ObjectInputStream.readObject() without an ObjectInputFilter or class allow-list. A user who can write to the confi...

9.8CVSS6.4AI score0.00691EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.6 views

PT-2026-56040

Name of the Vulnerable Software and Affected Versions Minosoft affected versions supporting Minecraft protocol 1.7 and later Description The CryptManager encryption routine in CryptManager.kt initializes its AES cipher using an initialization vector IV that is set equal to the secret key instead ...

5CVSS6.1AI score0.00111EPSS
Exploits0References7
Rows per page
Query Builder