103 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-15165
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - TLS ECH decryptor crash in Wireshark 4.6.0 to 4.6.6 allows denial of service CVE-2026-15165 Note that Nessus relies on the presence of the package as reported b...
DEBIAN-CVE-2026-15165
TLS ECH decryptor crash in Wireshark 4.6.0 to 4.6.6 allows denial of service...
UBUNTU-CVE-2026-15165
TLS ECH decryptor crash in Wireshark 4.6.0 to 4.6.6 allows denial of service...
EUVD-2026-42412
TLS ECH decryptor crash in Wireshark 4.6.0 to 4.6.6 allows denial of service...
CVE-2026-15165
CVE-2026-15165 affects Wireshark 4.6.0–4.6.6, where the TLS Encrypted Client Hello (ECH) decryptor can crash during decryption of a malformed packet, leading to a denial of service. Root cause: crash in the TLS ECH decryptor component. Impact: application crash and denial of service. CVSSv3.1 bas...
CVE-2026-15165 Heap-based Buffer Overflow in Wireshark
TLS ECH decryptor crash in Wireshark 4.6.0 to 4.6.6 allows denial of service...
Malicious code in chalk-pro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac66dfb6013c32d34c6ce83bdba4628b67539e81df27fe18dcf71d3de05ff8ce Package is published as 'chalk-pro' homepage chalk-pro.com but its main entry is a verbatim copy of nodemailer's API — a typosquat impersonating both...
MAL-2026-5711 Malicious code in chalk-pro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac66dfb6013c32d34c6ce83bdba4628b67539e81df27fe18dcf71d3de05ff8ce Package is published as 'chalk-pro' homepage chalk-pro.com but its main entry is a verbatim copy of nodemailer's API — a typosquat impersonating both...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the AEADEncDataPacket parser in AEADEncDataPacket.java. An attacker can crash packet parsing by supplying an AEAD-encrypted OpenPGP packet with an out-of-range chunk size valu...
wolfSSL 安全漏洞
wolfSSL CyaSSL is a small, portable embedded SSL programming library developed by the US company wolfSSL, designed for developers working with embedded systems. There is a security vulnerability in wolfSSL, which stems from the PKCS7 implementation in the wcPKCS7DecryptOri function. This...
ChaCha20‑Poly1305 AEAD Production Decryptor
This C implementation provides a secure ChaCha20‑Poly1305 decryption function fully compliant with RFC 8439...
xtream-ui-security-audit
🔐 Xtream UI Security Audit & Exploitation Framework !Python...
Norton Crack Midnight Ransomware, Release Free Decryptor
Norton finds a flaw in the new Midnight ransomware built from Babuk code and releases a free decryptor to help victims recover files without paying a ransom...
Multi-Copy Security in Unclonable Cryptography
Unclonable cryptography leverages the quantum no-cloning principle to copy-protect cryptographic functionalities. While most existing works address the basic single-copy security, the stronger notion of multi-copy security remains largely unexplored. We introduce a generic compiler that upgrades...
EUVD-2015-8960
Malware in sbrugna...
PyInstaller has local privilege escalation vulnerability
Impact Due to a special entry being appended to sys.path during the bootstrap process of a PyInstaller-frozen application, and due to the bootstrap script attempting to load an optional module for bytecode decryption while this entry is still present in sys.path, an application built with...
Malicious code in backup-decryptor (npm)
The package backup-decryptor was found to contain malicious code...
MAL-2025-15324 Malicious code in backup-decryptor (npm)
The package backup-decryptor was found to contain malicious code...
FunkSec Ransomware Decryptor Released Free to Public After Group Goes Dormant
Cybersecurity experts have released a decryptor for a ransomware strain called FunkSec, allowing victims to recover access to their files for free. "Because the ransomware is now considered dead, we released the decryptor for public download," Gen Digital researcher Ladislav Zezula said. FunkSec,...
Malicious code in keypair-decryptor-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 28b7a13ea11bbb26ce1785b3784f6dcd3470a60ad16e2235d40089c17023e8e8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...