
5921 matches found

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2024-24495

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 6.5 | EPSS 0.00205
Exploits: 0 | References: 1
EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2022-28751

Malicious code in bioql PyPI...

CVSS 6.8 | AI score 6.7 | EPSS 0.0025
Exploits: 0 | References: 2
EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2024-1003

Malicious code in bioql PyPI...

CVSS 2.6 | AI score 4.2 | EPSS 0.00328
Exploits: 0 | References: 6
Rockylinux
added 2025/10/03 7:56 p.m. | 5 views

kernel security update

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The kernel packages contain the Linux kernel, the core of any Linux operating...

CVSS 7.8 | AI score 7.9 | EPSS 0.00228
Exploits: 0
Debian
added 2025/10/03 3:51 p.m. | 6 views

[SECURITY] [DLA 4321-1] openssl security update

Debian LTS Advisory DLA-4321-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 03, 2025 https://wiki.debian.org/LTS -...

CVSS 7.5 | AI score 6.8 | EPSS 0.0177
Exploits: 0
Tenable Nessus
added 2025/10/01 12:0 a.m. | 3 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 : OpenSSL vulnerabilities (USN-7786-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7786-1 advisory. Stanislav Fort discovered that OpenSSL incorrectly handled memory when trying to...

CVSS 7.5 | AI score 7 | EPSS 0.02267
Exploits: 0 | References: 4
OSV
added 2025/09/30 2:44 p.m. | 5 views

USN-7786-1 openssl, openssl1.0 vulnerabilities

Stanislav Fort discovered that OpenSSL incorrectly handled memory when trying to decrypt CMS messages encrypted with password-based encryption. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-9230 Stanislav Fort discovered that OpenSSL ha...

CVSS 7.5 | AI score 6.8 | EPSS 0.02267
Exploits: 0 | References: 4
NVD
added 2025/09/30 2:15 p.m. | 4 views

CVE-2025-9230

Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a...

CVSS 7.5 | EPSS 0.0177
Exploits: 0 | References: 16
OSV
added 2025/09/30 2:15 p.m. | 7 views

AZL-78576 CVE-2025-9230 affecting package openssl-fips-provider 3.1.2-1

Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a...

CVSS 7.5 | AI score 6.6 | EPSS 0.0177
Exploits: 0 | References: 1
Vulnrichment
added 2025/09/30 1:17 p.m. | 3 views

CVE-2025-9230 Out-of-bounds read & write in RFC 3211 KEK Unwrap

Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a...

AI score 6.8 | EPSS 0.0177
Exploits: 0 | References: 8
CNNVD
added 2025/09/30 12:0 a.m. | 2 views

Keysight Ixia Vision security vulnerability

Keysight Ixia Vision is a series of network packet proxies from Keysight Corporation USA. A security vulnerability exists in Keysight Ixia Vision that stems from hard-coded cryptographic material that could lead to the interception or decryption of payloads...

CVSS 8.7 | AI score 6.6 | EPSS 0.00245
Exploits: 0 | References: 4
CNNVD
added 2025/09/30 12:0 a.m. | 3 views

OpenSSL security vulnerability

OpenSSL is an open source general-purpose cryptographic library capable of implementing the Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols from the OpenSSL team. It supports a wide range of cryptographic algorithms, including symmetric ciphers, hashing algorithms, secure...

CVSS 7.5 | AI score 7.7 | EPSS 0.0177
Exploits: 0 | References: 10
Packet Storm News
added 2025/09/30 12:0 a.m. | 4 views

FreeBSD Security Advisory - FreeBSD-SA-25:08.openssl

FreeBSD Security Advisory - FreeBSD includes software from the OpenSSL Project. OpenSSL suffers from some new vulnerabilities. An application trying to decrypt Cryptographic Message Syntax (CMS) messages encrypted using password-based encryption can trigger an out-of-bounds read and write. A timing...

CVSS 7.5 | AI score 7.1 | EPSS 0.02267
Exploits: 0
Tenable Nessus
added 2025/09/30 12:0 a.m. | 16 views

OpenSSL 1.1.1 < 1.1.1zd Vulnerability

The version of OpenSSL installed on the remote host is prior to 1.1.1zd. It is, therefore, affected by a vulnerability as referenced in the 1.1.1zd advisory. - Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read...

CVSS 7.5 | AI score 6.5 | EPSS 0.0177
Exploits: 0 | References: 5
Tenable Nessus
added 2025/09/30 12:0 a.m. | 4 views

OpenSSL 3.0.0 < 3.0.18 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.0.18. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.0.18 advisory. - Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy'...

CVSS 7.5 | AI score 6.7 | EPSS 0.02046
Exploits: 0 | References: 8
RedHat Linux
added 2025/09/29 8:2 a.m. | 4 views

kernel: tls: fix handling of zero-length records on the rx_list

In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rx_list. Each recvmsg call must process either only contiguous DATA records (any number of them) or one non-DATA record. If the next record has different type than what has already been...

CVSS 7.1 | AI score 6.7 | EPSS 0.00178
Exploits: 1 | References: 5
RedHat Linux
added 2025/09/29 5:35 a.m. | 1 views

kernel: tls: fix handling of zero-length records on the rx_list

In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rx_list. Each recvmsg call must process either only contiguous DATA records (any number of them) or one non-DATA record. If the next record has different type than what has already been...

CVSS 7.1 | AI score 6.7 | EPSS 0.00178
Exploits: 1 | References: 5
OSV
added 2025/09/26 3:32 p.m. | 2 views

GHSA-QR9H-X63W-VQFM OpenMLS improper persistence of the secret tree during message processing

Summary: A bug in the OpenMLS library prevented private key material from being updated in storage during message processing. The key material in question is the keys stored in the MLS secret tree, which are used for decryption of private MLS messages. The effects of the bug are limited in scope,...

CVSS 4.1 | AI score 6.6
Exploits: 0 | References: 3
OSV
added 2025/09/26 1:8 p.m. | 25 views

OESA-2025-2324 python-pyinstaller security update

PyInstaller bundles a Python application and all its dependencies into a single package. The user can run the packaged app without installing a Python interpreter or any modules. Security Fixes: Due to a special entry being appended to sys.path during the bootstrap process of a PyInstaller-frozen...

CVSS 7 | AI score 7 | EPSS 0.00114
Exploits: 0 | References: 2
NVD
added 2025/09/26 1:15 a.m. | 10 views

CVE-2025-60250

Unitree Go2, G1, H1, and B2 devices through 2025-09-20 decrypt BLE packet data by using the df98b715d5c6ed2b25817b6f2554124a key and the 2841ae97419c2973296a0d4bdfe19a4f IV...

CVSS 4.7 | EPSS 0.00177
Exploits: 0 | References: 3