Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1474 matches found

Akamai Blog
Akamai Blogadded 2025/12/01 2:0 p.m.4 views

Defend Post-Quantum Cryptography's “Harvest Now, Decrypt Later” with WAAP

Prepare for a quantum-safe future. Learn how Akamai App & API Protector helps stop the data leaks that fuel “harvest now, decrypt later” attacks...

7AI score
Exploits0
Microsoft CVE
Microsoft CVEadded 2025/11/25 1:2 a.m.10 views

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt

...

8.2CVSS7AI score0.00297EPSS
Exploits0
EUVD
EUVDadded 2025/11/24 9:31 p.m.4 views

EUVD-2025-198993

IBM Concert 1.0.0 through 2.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

5.9CVSS6.1AI score0.00154EPSS
Exploits0References2
OSV
OSVadded 2025/11/24 9:16 p.m.3 views

CVE-2025-36150

IBM Concert 1.0.0 through 2.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

7.5CVSS6.6AI score
Exploits0References1
Cvelist
Cvelistadded 2025/11/24 8:29 p.m.7 views

CVE-2025-36150 IBM Concert Information Disclosure

IBM Concert 1.0.0 through 2.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

5.9CVSS0.00154EPSS
Exploits0References1
OSV
OSVadded 2025/11/24 5:16 p.m.5 views

CVE-2025-63433

Xtooltech Xtool AnyScan Android Application 4.40.40 and prior uses a hardcoded cryptographic key and IV to decrypt update metadata. The key is stored as a static value within the application's code. An attacker with the ability to intercept network traffic can use this hardcoded key to decrypt,...

4.6CVSS5.8AI score0.00164EPSS
Exploits1References2
NVD
NVDadded 2025/11/24 5:16 p.m.4 views

CVE-2025-63433

Xtooltech Xtool AnyScan Android Application 4.40.40 and prior uses a hardcoded cryptographic key and IV to decrypt update metadata. The key is stored as a static value within the application's code. An attacker with the ability to intercept network traffic can use this hardcoded key to decrypt,...

4.6CVSS0.00164EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2025/11/24 12:0 a.m.4 views

PT-2025-47961

Name of the Vulnerable Software and Affected Versions IBM Concert versions 1.0.0 through 2.0.0 Description IBM Concert versions 1.0.0 through 2.0.0 utilize cryptographic algorithms that are not sufficiently robust, potentially enabling an attacker to decrypt sensitive data. Recommendations Update...

5.9CVSS5.3AI score0.00154EPSS
Exploits0References4
CNNVD
CNNVDadded 2025/11/24 12:0 a.m.1 views

Xtool AnyScan App 安全漏洞

Xtool AnyScan App is an automotive diagnostic mobile application from China-based Xtool. A security vulnerability exists in Xtool AnyScan App version 4.40.40 and earlier, which stems from the use of a hard-coded key to decrypt update metadata...

4.6CVSS6.7AI score0.00164EPSS
Exploits1References3
RedhatCVE
RedhatCVEadded 2025/11/22 11:12 p.m.8 views

CVE-2025-11931

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wcXChaCha20Poly1305Decrypt which is not used with TLS connections, only from direct calls from an application...

8.2CVSS6.8AI score0.00297EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2025/11/22 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-11931

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function...

8.2CVSS5.8AI score0.00297EPSS
Exploits0References3
NVD
NVDadded 2025/11/21 11:15 p.m.6 views

CVE-2025-11931

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wcXChaCha20Poly1305Decrypt which is not used with TLS connections, only from direct calls from an application...

8.2CVSS0.00297EPSS
Exploits0References1
OSV
OSVadded 2025/11/21 11:15 p.m.3 views

DEBIAN-CVE-2025-11931

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wcXChaCha20Poly1305Decrypt which is not used with TLS connections, only from direct calls from an application...

8.2CVSS5.2AI score0.00297EPSS
Exploits0References1
OSV
OSVadded 2025/11/21 11:15 p.m.4 views

CVE-2025-11931

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wcXChaCha20Poly1305Decrypt which is not used with TLS connections, only from direct calls from an application...

8.2CVSS6.7AI score
Exploits0References1
OSV
OSVadded 2025/11/21 11:15 p.m.3 views

UBUNTU-CVE-2025-11931

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wcXChaCha20Poly1305Decrypt which is not used with TLS connections, only from direct calls from an application...

8.2CVSS5.8AI score0.00297EPSS
Exploits0References3
CVE
CVEadded 2025/11/21 10:57 p.m.573 views

CVE-2025-11931

The set of connected documents confirms this CVE affects wolfSSL’s XChaCha20-Poly1305 code, specifically the wc_XChaCha20Poly1305_Decrypt() function. The root cause is an integer underflow that can lead to out-of-bounds access when decrypting, and this path is taken from direct application calls ...

8.2CVSS6.4AI score0.00297EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2025/11/21 10:57 p.m.14 views

CVE-2025-11931 Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wcXChaCha20Poly1305Decrypt which is not used with TLS connections, only from direct calls from an application...

2.1CVSS0.00297EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/11/21 10:57 p.m.2 views

CVE-2025-11931 Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wcXChaCha20Poly1305Decrypt which is not used with TLS connections, only from direct calls from an application...

2.1CVSS6.4AI score0.00297EPSS
Exploits0References1
EUVD
EUVDadded 2025/11/21 10:57 p.m.6 views

EUVD-2025-198522

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wcXChaCha20Poly1305Decrypt which is not used with TLS connections, only from direct calls from an application...

2.1CVSS6.3AI score0.00297EPSS
Exploits0References2
AlpineLinux
AlpineLinuxadded 2025/11/21 10:57 p.m.3 views

CVE-2025-11931

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wcXChaCha20Poly1305Decrypt which is not used with TLS connections, only from direct calls from an application...

8.2CVSS6.9AI score0.00297EPSS
Exploits0
Rows per page
Query Builder