137 matches found
aac (>=0.4.24 <=0.5.21), aac-gen-gherkin (>=0.1.0 <=0.1.4) +1590 more potentially affected by CVE-2026-39892 via cryptography (>=45.0.0 <=46.0.6)
cryptography PYPI version =45.0.0, =0.4.24, =0.1.0, =0.1.3, =0.0.1, =0.1.5, =0.1.1, =2.4.119, =0.10.2.4rc3, =3.2.1, =0.2.0, =0.3.4, =0.0.2, =0.0.6, =0.0.21 and more Source cves: CVE-2026-39892 Source advisory: OSV:GHSA-P423-J2CM-9VMQ...
aac (>=0.4.24 <=0.5.21), aac-gen-gherkin (>=0.1.0 <=0.1.4) +1590 more potentially affected by CVE-2026-39892 via cryptography (>=45.0.0 <=46.0.6)
cryptography PYPI version =45.0.0, =0.4.24, =0.1.0, =0.1.3, =0.0.1, =0.1.5, =0.1.1, =2.4.119, =0.10.2.4rc3, =3.2.1, =0.2.0, =0.3.4, =0.0.2, =0.0.6, =0.0.21 and more Source cves: CVE-2026-39892 Source advisory: SNYK:PYTHON-CRYPTOGRAPHY-15953315...
EUVD-2026-20640
Cryptography vulnerable to buffer overflow if non-contiguous buffers were passed to APIs...
Cryptography vulnerable to buffer overflow if non-contiguous buffers were passed to APIs
If a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. For example: python h = HashSHA256 b.updatebuf::-1 would read past the end of the buffer on Python 3.11...
K000160558: OpenSSL vulnerability CVE-2025-69419
Security Advisory Description Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write ca...
Security Bulletin: IBM Maximo Application Suite - Monitor Component uses cryptography-46.0.3-cp311-abi3-manylinux_2_34_x86_64.whl which is vulnerable to CVE-2026-26007.
Summary IBM Maximo Application Suite - Monitor Component uses cryptography-46.0.3-cp311-abi3-manylinux234x8664.whl which is vulnerable to CVE-2026-26007. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-26007 DESCRIPTION: cryptography is a...
acedeploy (>=2.4.119 <=2.4.342), adam-assist (>=0.3.4 <=0.3.9) +464 more potentially affected by CVE-2026-34073 via cryptography (>=46.0.0 <=46.0.5)
cryptography PYPI version =46.0.0, =2.4.119, =0.3.4, =0.5.0, =0.0.18, =0.1.0, =0.1.1.post72, =0.11.0, =1.0.6, =0.0.1, =1.1.2, =0.4.0, =0.7.0 - amazon-sagemaker-sql-execution =0.1.0 - amiibo-converter =0.2.0 - ansys-aedt-toolkits-common =0.2.0 and more Source cves: CVE-2026-34073 Source advisory:...
0lever-utils (>=0.0.2 <=0.0.7), 0x-web3 (=5.0.0a5) +6223 more potentially affected by CVE-2026-34073 via cryptography (>=0.6.1 <=46.0.5)
cryptography PYPI version =0.6.1, =0.0.2, =2.3.0, =0.1.0, =0.5.0rc5, =0.9.2, =0.4.24, =0.1.0, =0.1.3, =0.0.1, =0.1.5, =0.1.1, =1.0.0, =1.0.0, =1.0.3 and more Source cves: CVE-2026-34073 Source advisory: OSV:GHSA-M959-CC7F-WV43...
acedeploy (>=2.4.119 <=2.4.342), adam-assist (>=0.3.4 <=0.3.9) +357 more potentially affected by CVE-2026-26007 via cryptography (>=46.0.0 <=46.0.4)
cryptography PYPI version =46.0.0, =2.4.119, =0.3.4, =0.5.0, =0.0.18, =0.1.0, =0.1.1.post72, =0.11.0, =1.0.6, =0.0.1, =1.1.2, =0.4.0, =0.3.2, =0.3.3 and more Source cves: CVE-2026-26007 Source advisory: SNYK:PYTHON-CRYPTOGRAPHY-15263096...
EUVD-2026-1893
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, there is an out-of-bounds heap read...
CVE-2025-15444 Crypt::Sodium::XS module versions prior to 0.000042, for Perl, include a vulnerable version of libsodium
Crypt::Sodium::XS module versions prior to 0.000042, for Perl, include a vulnerable version of libsodium libsodium = 1.0.20 or a version of libsodium released before December 30, 2025 contains a vulnerability documented as CVE-2025-69277 https://vulners.com/cve/CVE-2025-69277 . The libsodium...
CVE-2021-47712
A cryptography vulnerability in Kentico Xperience allows attackers to potentially manipulate URL hash values through existing hashing mechanisms. The hotfix introduces an additional security layer to prevent hash value reuse and potential exploitation...
CVE-2021-47712
A cryptography vulnerability in Kentico Xperience allows attackers to potentially manipulate URL hash values through existing hashing mechanisms. The hotfix introduces an additional security layer to prevent hash value reuse and potential exploitation...
CVE-2021-47712 Kentico Xperience <= 12.0.102 URL Hashing Cryptography Vulnerability
A cryptography vulnerability in Kentico Xperience allows attackers to potentially manipulate URL hash values through existing hashing mechanisms. The hotfix introduces an additional security layer to prevent hash value reuse and potential exploitation...
CVE-2021-47712
CVE-2021-47712 concerns Kentico Xperience, where a cryptography vulnerability could let attackers manipulate URL hash values via existing hashing mechanisms. The available hotfix adds an extra security layer to prevent hash value reuse and potential exploitation. Documented impact indicates possi...
CVE-2021-47712 Kentico Xperience <= 12.0.102 URL Hashing Cryptography Vulnerability
A cryptography vulnerability in Kentico Xperience allows attackers to potentially manipulate URL hash values through existing hashing mechanisms. The hotfix introduces an additional security layer to prevent hash value reuse and potential exploitation...
PT-2025-52301
Name of the Vulnerable Software and Affected Versions Kentico Xperience affected versions not specified Description A cryptography issue exists in Kentico Xperience that may allow attackers to manipulate URL hash values by exploiting existing hashing mechanisms. A hotfix introduces an additional...
CVE-2025-12888
Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels introduced by compiler optimizations and CPU architecture limitations, specifically with the Xtensa-based ESP32 chips. If targeting Xtensa it is recommended to use the low memory implementations of...
EUVD-2025-32905
Malicious code in vercel-v0 npm...
EUVD-2021-0047
Malware in sbrugna...