82 matches found
openSUSE 16 Security Update : enc (openSUSE-SU-2026:20948-1)
The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20948-1 advisory. Changes in enc: - CVE-2026-1229: Fix incorrect value bsc1265533 Bump circl to 1.6.3 - Update to 1.1.5: Update dependencies 10 - Update to 1.1.4: Update...
OPENSUSE-SU-2026:20948-1 Security update for enc
This update for enc fixes the following issues: Changes in enc: - CVE-2026-1229: Fix incorrect value bsc1265533 Bump circl to 1.6.3 - Update to 1.1.5: Update dependencies 10 - Update to 1.1.4: Update all dependencies 9...
OPENSUSE-SU-2026:10995-1 enc-1.1.5-2.1 on GA media
These are all security issues fixed in the enc-1.1.5-2.1 package on the GA media of openSUSE Tumbleweed...
Linux Distros Unpatched Vulnerability : CVE-2026-46263
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/display: Fix out-of-bounds stream encoder index v3 engid can be negative and that streamencregs can be indexed out of bounds. engid is used directly as ...
Malicious code in prisma-client-python (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ba0c0f6a1d1bdb5bffb45ca56fb99b8084fba921cc7689b6e8913c0436fe392 The package's CLI flow ppy generate reads dist/index.enc, a 346 KB AES-encrypted blob, decrypts it using a key extracted from dist/key.enc substring...
CVE-2026-43020
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: validate LTK encsize on load Load Long Term Keys stores the user-provided encsize and later uses it to size fixed-size stack operations when replying to LE LTK requests. An encsize larger than the 16-byte key...
CVE-2026-43020 Bluetooth: MGMT: validate LTK enc_size on load
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: validate LTK encsize on load Load Long Term Keys stores the user-provided encsize and later uses it to size fixed-size stack operations when replying to LE LTK requests. An encsize larger than the 16-byte key...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to validate encsize when loading LTK in the Bluetooth MGMT protocol, which could result in a stack...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013143)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013143 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/sev: Make encdechypercall accept a size instead of npages encdechypercall accepted a page cou...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the AEADEncDataPacket parser in AEADEncDataPacket.java. An attacker can crash packet parsing by supplying an AEAD-encrypted OpenPGP packet with an out-of-range chunk size valu...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the AEADEncDataPacket parser in AEADEncDataPacket.java. An attacker can crash packet parsing by supplying an AEAD-encrypted OpenPGP packet with an out-of-range chunk size valu...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the AEADEncDataPacket parser in AEADEncDataPacket.java. An attacker can crash packet parsing by supplying an AEAD-encrypted OpenPGP packet with an out-of-range chunk size valu...
PT-2026-28261
Name of the Vulnerable Software and Affected Versions River Past CamDo version 3.7.6 Description The software contains a structured exception handler SEH buffer overflow. Local attackers can execute arbitrary code by providing a malicious string in the Lame enc.dll name field. Attackers can creat...
CVE-2021-4461
Seeyon Zhiyuan OA Web Application System versions up to and including 7.0 SP1 improperly decode and parse the enc parameter in thirdpartyController.do. The decoded map values can influence session attributes without sufficient authentication/authorization checks, enabling attackers to assign a...
CVE-2021-4461
Seeyon Zhiyuan OA Web Application System versions up to and including 7.0 SP1 improperly decode and parse the enc parameter in thirdpartyController.do. The decoded map values can influence session attributes without sufficient authentication/authorization checks, enabling attackers to assign a...
CVE-2021-4461
CVE-2021-4461 affects Seeyon Zhiyuan OA Web Application System
CVE-2021-4461 Seeyon Zhiyuan OA Web Application System < 7.0 SP1 Authentication Bypass
Seeyon Zhiyuan OA Web Application System versions up to and including 7.0 SP1 improperly decode and parse the enc parameter in thirdpartyController.do. The decoded map values can influence session attributes without sufficient authentication/authorization checks, enabling attackers to assign a...
PT-2025-44459
Name of the Vulnerable Software and Affected Versions Seeyon Zhiyuan OA Web Application System versions up to and including 7.0 SP1 Description The software does not properly decode and parse the enc parameter in the thirdpartyController.do endpoint. The decoded map values can influence session...
VulnCheck KEV: CVE-2021-4461
Seeyon Zhiyuan OA Web Application System versions up to and including 7.0 SP1 improperly decode and parse the enc parameter in thirdpartyController.do. The decoded map values can influence session attributes without sufficient authentication/authorization checks, enabling attackers to assign a...
EUVD-2025-10056
Malicious code in bioql PyPI...