414 matches found
CVE-2025-30200
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic AES encryption key, which can be easily derived...
CVE-2025-30198
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic WPA2-PSK, which can be easily derived...
CVE-2025-30198 ECOVACS Vacuum and Base Station Hard-Coded WPA2-PSK
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic WPA2-PSK, which can be easily derived...
CVE-2025-30200 ECOVACS Vacuum and Base Station Hard-Coded AES Encryption
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic AES encryption key, which can be easily derived...
Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the same message many times. (For Mbed TLS, the fix is also available in versions 2.7.12 and 2.16.3.)
...
CVE-2025-9071
Erroneously using an all-zero seed for RSA-OAEP padding instead of the generated random bytes, in Oberon microsystems AG’s Oberon PSA Crypto library in all versions up to 1.5.1, results in deterministic RSA and thus in a loss of confidentiality for guessable messages, recognition of repeated...
Linux Distros Unpatched Vulnerability : CVE-2018-15470
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.11.x. The logic in oxenstored for handling writes depended on the order of evaluation of expressions making up a tuple...
CVE-2025-9071 Insecure RSA-OAEP implementation with all-zero seed for padding in Oberon PSA Crypto
Erroneously using an all-zero seed for RSA-OAEP padding instead of the generated random bytes, in Oberon microsystems AG’s Oberon PSA Crypto library in all versions up to 1.5.1, results in deterministic RSA and thus in a loss of confidentiality for guessable messages, recognition of repeated...
CVE-2025-9071
The CVE-2025-9071 entry concerns Oberon Microsystems’ Oberon PSA Crypto library (all versions up to 1.5.1). The root cause is using an all-zero seed for RSA-OAEP padding instead of the generated random bytes, making RSA deterministic. This leads to confidentiality loss for guessable messages, rec...
Oberon PSA Crypto library security vulnerability
Oberon PSA Crypto library is a cryptographic library from the Swiss company Oberon. A security vulnerability exists in Oberon PSA Crypto library version 1.5.1 and earlier. It stems from the use of all-zero seeds instead of random bytes, which could lead to deterministic RSA encryption, resulti...
PT-2025-35197
Name of the Vulnerable Software and Affected Versions: Oberon PSA Crypto Library versions prior to 1.6 Description: The software uses an all-zero seed for RSA-OAEP padding instead of generated random bytes. This results in deterministic RSA, leading to a loss of confidentiality for guessable...
Unlearning at Scale: Implementing the Right to Be Forgotten in Large Language Models
We study the right to be forgotten (GDPR Art. 17) for large language models and frame unlearning as a reproducible systems problem. Our approach treats training as a deterministic program and logs a minimal per-microbatch record: ordered ID hash, RNG seed, learning-rate value, optimizer-step counter...
Linux Distros Unpatched Vulnerability : CVE-2024-47763
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash...
Linux Distros Unpatched Vulnerability : CVE-2019-16910
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might...
auto-wasi (=0.1.0), deterministic-wasi-ctx (>=0.1.1 <=0.1.14) +53 more potentially affected by CVE-2025-53901 via wasmtime-wasi (>=0.10.0 <=1.0.2)
wasmtime-wasi CARGO version =0.10.0, =0.1.1, =0.5.3-0, =0.4.0, =0.4.0, =0.5.0, =0.0.1-alpha, =0.1.0, =0.1.0, =0.1.0, =0.9.0, =0.9.0, =0.9.0, =0.7.0, =0.9.2 and more Source cves: CVE-2025-53901 Source advisory: OSV:GHSA-FM79-3F68-H2FC...
CVE-2025-32874
An issue was discovered in Kaseya Rapid Fire Tools Network Detective through 2.0.16.0. A vulnerability exists in the EncryptionUtil class because symmetric encryption is implemented in a deterministic and non-randomized fashion. The method Encrypt(byte[] clearData) derives both the encryption key and...
CVE-2025-32874
CVE-2025-32874 affects Kaseya Rapid Fire Tools Network Detective up to version 2.0.16.0. The issue is in the EncryptionUtil class where symmetric encryption is implemented deterministically; the key and IV are derived from a fixed, hardcoded input using a static salt. As a result, identical plain...