EUVD-2015-9392

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414523)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414523 advisory. An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detachcapictr function in drivers/isdn/capi/kcapi.c...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986584)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986584 advisory. In the Linux kernel, the following vulnerability has been resolved: isdn: cpai: check ctr-cnr to avoid array index out of bound The cmtpaddconnection would add a cm...

EUVD-2023-27014

Malicious code in bioql PyPI...

EUVD-2024-40037

Malicious code in bioql PyPI...

EUVD-2022-0887

Malicious code in bioql PyPI...

EUVD-2024-42756

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-26789

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: crypto: arm64/neonbs - fix out-of- bounds access on short input The bit-sliced implementatio...

CVE-2015-20112

RLPx 5 has two CTR streams based on the same key, IV, and nonce. This can facilitate decryption on a private network...

CVE-2015-20112

RLPx 5 has two CTR streams based on the same key, IV, and nonce. This can facilitate decryption on a private network...

PT-2025-27383 · Rlpx · Rlpx

Name of the Vulnerable Software and Affected Versions: RLPx version 5 Description: The issue concerns RLPx 5, which has two CTR streams based on the same key, IV, and nonce. This design flaw can facilitate decryption on a private network. Recommendations: For RLPx version 5, consider reconfigurin...

CVE-2015-20112

RLPx 5 has two CTR streams based on the same key, IV, and nonce. This can facilitate decryption on a private network...

CVE-2015-20112

CVE-2015-20112 concerns Ethereum’s RLPx 5 transport. The vulnerability arises because two CTR streams run from the same key, IV, and nonce, which could allow an adversary to decrypt traffic on a private network. Affected component: RLPx 5. Underlying issue: re-use of CTR parameters across streams...

Malicious code in larger-batch-ctr (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 656e9c562903fe04cc05fafcf53492252e227e586138c11099ab475fcde70aee A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...

New Qilin.B Ransomware Variant Emerges with Improved Encryption and Evasion Tactics

Cybersecurity researchers have discovered an advanced version of the Qilin ransomware sporting increased sophistication and tactics to evade detection. The new variant is being tracked by cybersecurity firm Halcyon under the moniker Qilin.B. "Notably, Qilin.B now supports AES-256-CTR encryption f...

CLSA-2024-1728297376 kernel: Fix of 13 CVEs

btrfs: fix use-after-free after failure to create a snapshot CVE-2022-48733 - hwmon: nct6775-core Fix underflows seen when writing limit attributes CVE-2024-46757 - wifi: mac80211: Avoid address calculations via out of bounds array indexing CVE-2024-41071 - netfilter: conntrack: dccp: copy entire...

CVE-2024-47123

The goTenna Pro App uses AES CTR type encryption for short, encrypted messages without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message. It is recommended to continue to use encryption in the app and update to the current...

CVE-2024-43108

The goTenna Pro ATAK Plugin uses AES CTR type encryption for short, encrypted messages without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message. It is advised to continue to use encryption in the plugin and update to the curre...

CVE-2024-43108

CVE-2024-43108 affects the goTenna Pro ATAK Plugin. The vulnerability is due to AES-CTR encryption for short messages without any integrity checking, making messages malleable to an attacker who can access the message. Affected versions include 1.9.12 and earlier; mitigation guidance recommends u...

CVE-2024-43108 goTenna Pro ATAK Plugin Missing Support for Integrity Check

The goTenna Pro ATAK Plugin uses AES CTR type encryption for short, encrypted messages without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message. It is advised to continue to use encryption in the plugin and update to the curre...