CVE-2026-2747

Summary: CVE-2026-2747 affects SEPPmail Secure Email Gateway. The vulnerability arises because versions prior to 15.0.1 decrypt inline PGP messages without isolating them from surrounding unencrypted content, potentially exposing sensitive information to an unauthorized actor. This is described a...

CVE-2026-27443

CVE-2026-27443 affects SEPPmail Secure Email Gateway prior to version 15.0.1. The issue is that headers from S/MIME protected MIME entities are not properly sanitized, enabling an attacker to control trusted headers. According to the connected CVE record, the vulnerability is exploitable over net...

PT-2026-22890

SEPPmail Secure Email Gateway before version 15.0.1 incorrectly interprets email addresses in the email headers, causing an interpretation conflict with other mail infrastructure that allows an attacker to fake the source of the email or decrypt it...

CVE-2026-27932

joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption JOSE standards. In 1.6.2 and earlier, a resource exhaustion vulnerability in joserfc allows an unauthenticated attacker to cause a Denial of Service DoS via CPU exhaustion. When the library...

CVE-2026-27932

joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption JOSE standards. In 1.6.2 and earlier, a resource exhaustion vulnerability in joserfc allows an unauthenticated attacker to cause a Denial of Service DoS via CPU exhaustion. When the library...

CVE-2026-27932

joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption JOSE standards. In 1.6.2 and earlier, a resource exhaustion vulnerability in joserfc allows an unauthenticated attacker to cause a Denial of Service DoS via CPU exhaustion. When the library...

CVE-2026-27932

joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption JOSE standards. In 1.6.2 and earlier, a resource exhaustion vulnerability in joserfc allows an unauthenticated attacker to cause a Denial of Service DoS via CPU exhaustion. When the library...

CVE-2025-14480

IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

CVE-2025-14480

IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

CVE-2025-14480

IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

EUVD-2025-208263

IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

CVE-2025-14480 IBM Aspera faspio Gateway 1.3.7 has addressed a vulnerability affected by weak cryptographic algorithms

IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

CVE-2025-14480 IBM Aspera faspio Gateway 1.3.7 has addressed a vulnerability affected by weak cryptographic algorithms

IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

CVE-2025-14480

CVE-2025-14480 affects IBM Aspera faspio Gateway 1.3.6. The Red Hat/NVD entries and IBM security bulletin describe use of weaker than expected cryptographic algorithms (CWE-327), which could allow an attacker to decrypt highly sensitive information. The vulnerability is associated with 1.3.6 and ...

Security update for postgresql14

This update for postgresql14 fixes the following issues: Update to version 14.22 bsc1258754. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to...

Security update for postgresql15

This update for postgresql15 fixes the following issues: Update to version 15.17 bsc1258754. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to...

SUSE-SU-2026:0768-1 Security update for postgresql14

This update for postgresql14 fixes the following issues: Update to version 14.22 bsc1258754. Security issues fixed: - CVE-2026-2003: improper validation of type 'oidvector' may allow disclose a few bytes of server memory bsc1258008. - CVE-2026-2004: intarray missing validation of type of input to...

PT-2026-22820

IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

IBM MQ Appliance 加密问题漏洞

IBM MQ Appliance is an IBM software that is pre-installed on specialized, secure hardware. Versions of IBM MQ Appliance 9.4 CD 9.4.4.1 and earlier have a security vulnerability due to the use of encryption algorithms that are weaker than expected. This vulnerability may allow attackers to decrypt...

CVE-2026-3337

Observable timing discrepancy in AES-CCM decryption in AWS-LC allows an unauthenticated user to potentially determine authentication tag validity via timing analysis. The impacted implementations are through the EVP CIPHER API: EVPaes128ccm, EVPaes192ccm, and EVPaes256ccm. Customers of AWS servic...