Lucene search

413 matches found

OSV
added 2025/07/11 12:52 p.m. · 3 views

CLSA-2025-1752238368 Update of gnutls

Fix timing side-channel in deterministic ECDSA (RHEL-28958) - Fix potential crash during chain building/verification (RHEL-28953)...

5.8 AI score
Exploits: 0 · References: 1

Positive Technologies
added 2025/07/09 12:0 a.m. · 2 views

PT-2025-28963 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: Kaseya Rapid Fire Tools Network Detective versions through 2.0.16.0 Description: A cryptographic implementation flaw exists in the password encryption mechanism within the EncryptionUtil class. Symmetric encryption is implemented in a...

7.4 CVSS · 9.4 AI score · 0.00026 EPSS
Exploits: 0 · References: 11

Packet Storm News
added 2025/06/21 12:0 a.m. · 3 views

CipherMind: the Longest Codebook in the World

In recent years, the widespread application of large language models has inspired us to consider using inference for communication encryption. We therefore propose CipherMind, which utilizes intermediate results from deterministic fine-tuning of large model inferences as transmission content. The...

7 AI score
Exploits: 0

vulnersOsv
added 2025/06/17 3:37 p.m. · 4 views

candid-extractor (>=0.1.0 <=0.1.2), debug-engine (>=0.1.0 <=0.1.1) +69 more potentially affected by unknown CVE via wasmtime-jit-debug (>=0.35.0 <=1.0.2)

wasmtime-jit-debug CARGO version =0.35.0, =0.1.0, =0.1.0, =0.1.3, =0.4.0, =0.4.0, =0.5.0, =0.0.1-alpha, =0.0.6, =0.11.0, =0.9.0, =0.9.0, =0.9.0, =0.10.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-9GHP-W2HM-VFPF...

5.8 AI score
Exploits: 0

RedhatCVE
added 2025/05/22 4:52 p.m. · 11 views

CVE-2020-8929

A mishandling of invalid Unicode characters in the Java implementation of Tink versions prior to 1.5 allows an attacker to change the ID part of a ciphertext, which results in the creation of a second ciphertext that can decrypt to the same plaintext. This can be a problem with encrypting...

5.3 CVSS · 6.6 AI score · 0.00081 EPSS
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 3:39 p.m. · 6 views

CVE-2020-5499

Baidu Rust SGX SDK through 1.0.8 has an enclave ID race. There are non-deterministic results in which, sometimes, two global IDs are the same...

9.8 CVSS · 7 AI score · 0.01863 EPSS
Exploits: 1 · References: 1

OSV
added 2025/05/22 8:48 a.m. · 4 views

CLSA-2025-1747903683 gnutls: Fix of 2 CVEs

CVE-2024-28834: fix side-channel leak in the deterministic ECDSA - CVE-2024-28835: fix crash when verifying a certificate chain with more than 16 certificates...

5.3 CVSS · 5.8 AI score · 0.02116 EPSS
Exploits: 0 · References: 1

Packet Storm News
added 2025/05/14 12:0 a.m. · 3 views

CANTXSec: a Deterministic Intrusion Detection and Prevention System for CAN Bus Monitoring ECU Activations

Despite being a legacy protocol with various known security issues, Controller Area Network (CAN) still represents the de-facto standard for communications within vehicles, ships, and industrial control systems. Many research works have designed Intrusion Detection Systems (IDSs) to identify attacks ...

7 AI score
Exploits: 0

SUSE Linux
added 2025/04/23 1:11 p.m. · 1 view

Security update for libxslt

This update for libxslt fixes the following issues: CVE-2025-24855: Fix use-after-free of XPath context node (bsc1239625); CVE-2024-55549: Fix UAF related to excluded namespaces (bsc1239637); CVE-2023-40403: Make generate-id deterministic (bsc1238591). Patch Instructions: To install this SUSE update use t...

7.8 CVSS · 7.3 AI score · 0.00126 EPSS
Exploits: 4 · References: 12

OSV
added 2025/04/22 1:46 p.m. · 0 views

SUSE-SU-2025:20277-1 Security update for libxslt

This update for libxslt fixes the following issues: CVE-2025-24855: Fix use-after-free of XPath context node (bsc1239625); CVE-2024-55549: Fix UAF related to excluded namespaces (bsc1239637); CVE-2023-40403: Make generate-id deterministic (bsc1238591)...

7.8 CVSS · 6.9 AI score · 0.00126 EPSS
Exploits: 4 · References: 7

SUSE Linux
added 2025/04/22 1:46 p.m. · 2 views

Security update for libxslt

This update for libxslt fixes the following issues: CVE-2025-24855: Fix use-after-free of XPath context node (bsc1239625); CVE-2024-55549: Fix UAF related to excluded namespaces (bsc1239637); CVE-2023-40403: Make generate-id deterministic (bsc1238591). Patch Instructions: To install this SUSE update use t...

7.8 CVSS · 7.3 AI score · 0.00126 EPSS
Exploits: 4 · References: 12

Packet Storm News
added 2025/04/15 12:0 a.m. · 4 views

Progent: Programmable Privilege Control for LLM Agents

LLM agents are an emerging form of AI systems where large language models (LLMs) serve as the central component, utilizing a diverse set of tools to complete user-assigned tasks. Despite their great potential, LLM agents pose significant security risks. When interacting with the external world, the...

7.3 AI score
Exploits: 0

Veracode
added 2025/03/19 6:44 p.m. · 4 views

Deserialization Of Untrusted Data

github.com/cosmos/ibc-go is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to improper deserialization due to non-deterministic behavior when processing acknowledgments, which can halt the chain if exploited by a user opening an IBC channel...

7 AI score
Exploits: 0

Veracode
added 2025/03/19 7:55 a.m. · 4 views

Denial Of Service

IBC-Go is vulnerable to Denial Of Service. The vulnerability is due to improper handling of JSON unmarshalling for IBC Acknowledgements, which allows an attacker to trigger a denial-of-service (DoS) condition and leads to non-deterministic behavior that can halt the chain...

7 AI score
Exploits: 0

OSV
added 2025/03/18 3:59 p.m. · 3 views

GO-2025-3517 Non-deterministic JSON Unmarshalling of IBC Acknowledgement can result in a chain halt in github.com/cosmos/ibc-go

Non-deterministic JSON Unmarshalling of IBC Acknowledgement can result in a chain halt in github.com/cosmos/ibc-go...

7.1 AI score
Exploits: 0 · References: 3

Snyk
added 2025/03/12 7:29 p.m. · 1 view

Deserialization of Untrusted Data

Overview: Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to inconsistencies in the deserialization process of acknowledgments, leading to non-deterministic behavior that can halt a blockchain network. Note: This is only exploitable if the attacker has the...

9.6 CVSS · 7 AI score
Exploits: 0 · References: 4

Github Security Blog
added 2025/03/11 9:54 p.m. · 7 views

cheqd-node affected by Non-deterministic JSON Unmarshalling of IBC Acknowledgement

Description: An issue was discovered in IBC-Go's deserialization of acknowledgements that results in non-deterministic behavior which can halt a chain. Any user that can open an IBC channel can introduce this state to the chain. This is an upstream dependency used in cheqd-node, rather than a custom...

7 AI score
Exploits: 0 · References: 5 · Affected Software: 1

Veracode
added 2025/03/06 9:20 a.m. · 4 views

Denial Of Service (DoS)

github.com/cosmos/ibc-go is vulnerable to Denial Of Service (DoS). The vulnerability is due to improper deserialization of IBC acknowledgements, allowing an attacker to halt the chain by introducing a non-deterministic state...

7 AI score
Exploits: 0

OSV
added 2025/03/05 3:55 p.m. · 2 views

GO-2025-3494 IBC-Go has Non-deterministic JSON Unmarshalling of IBC Acknowledgement in github.com/cosmos/ibc-go

IBC-Go has Non-deterministic JSON Unmarshalling of IBC Acknowledgement in github.com/cosmos/ibc-go...

7.1 AI score
Exploits: 0 · References: 3

GithubExploit
added 2025/03/01 11:7 p.m. · 678 views

Exploit for Integer Overflow or Wraparound in Apple Ipados

Trigon Trigon is a deterministic kernel exploit based on CVE-...

7.8 CVSS · 8.2 AI score · 0.52383 EPSS
Exploits: 3