752 matches found
EUVD-2022-0971
Malicious code in bioql PyPI...
EUVD-2022-55578
Malicious code in bioql PyPI...
VulnCheck KEV: CVE-2023-27008
A Cross-site scripting XSS vulnerability in the function encryptpassword in login.tmpl.php in ATutor 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the token parameter...
CVE-2025-10671
A vulnerability has been found in youth-is-as-pale-as-poetry e-learning 1.0. Impacted is the function encryptSecret of the file e-learning-master\exam-api\src\main\java\com\yf\exam\ability\shiro\jwt\JwtUtils.java of the component JWT Token Handler. The manipulation leads to insufficiently random...
CVE-2025-10671 youth-is-as-pale-as-poetry e-learning JWT Token JwtUtils.java encryptSecret random values
A vulnerability has been found in youth-is-as-pale-as-poetry e-learning 1.0. Impacted is the function encryptSecret of the file e-learning-master\exam-api\src\main\java\com\yf\exam\ability\shiro\jwt\JwtUtils.java of the component JWT Token Handler. The manipulation leads to insufficiently random...
CVE-2025-10671
CVE-2025-10671 concerns youth-is-as-pale-as-poetry e-learning 1.0, specifically the JWT Token Handler’s JwtUtils.encryptSecret. Multiple connected sources confirm the vulnerability is due to insufficiently random values generated by encryptSecret, which can be exploited remotely. The issue affect...
PT-2025-38404
Name of the Vulnerable Software and Affected Versions youth-is-as-pale-as-poetry e-learning version 1.0 Description A vulnerability exists due to insufficiently random values generated by the encryptSecret function within the JWT Token Handler component. The vulnerable file is...
CVE-2025-59339
The Bastion provides authentication, authorization, traceability and auditability for SSH accesses. Session-recording ttyrec files, may be handled by the provided osh-encrypt-rsync script that is a helper to rotate, encrypt, sign, copy, and optionally move them to a remote storage periodically, i...
CVE-2025-59339 The Bastion ttyrec files are not signed after encryption by the osh-encrypt-rsync script
The Bastion provides authentication, authorization, traceability and auditability for SSH accesses. Session-recording ttyrec files, may be handled by the provided osh-encrypt-rsync script that is a helper to rotate, encrypt, sign, copy, and optionally move them to a remote storage periodically, i...
CVE-2025-59339 The Bastion ttyrec files are not signed after encryption by the osh-encrypt-rsync script
The Bastion provides authentication, authorization, traceability and auditability for SSH accesses. Session-recording ttyrec files, may be handled by the provided osh-encrypt-rsync script that is a helper to rotate, encrypt, sign, copy, and optionally move them to a remote storage periodically, i...
kernel: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done
A vulnerability was found in the Linux kernel's management of network namespaces. By manipulating the lifecycle of network namespaces, an attacker could exploit this vulnerability to cause a system crash or leak sensitive system memory. Exploitation of this vulnerability requires that a user has...
Linux Distros Unpatched Vulnerability : CVE-2022-50277
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ext4: don't allow journal inode to have encrypt flag Mounting a filesystem whose journal ino...
PT-2025-38246
Name of the Vulnerable Software and Affected Versions: The Bastion affected versions not specified Description: The Bastion provides authentication, authorization, traceability, and auditability for SSH accesses. Session-recording ttyrec files are handled by the provided osh-encrypt-rsync script,...
SUSE CVE-2022-50277
In the Linux kernel, the following vulnerability has been resolved: ext4: don't allow journal inode to have encrypt flag Mounting a filesystem whose journal inode has the encrypt flag causes a NULL dereference in fscryptlimitioblocks when the 'inlinecrypt' mount option is used. The problem is tha...
CVE-2022-50277
In the Linux kernel, the following vulnerability has been resolved: ext4: don't allow journal inode to have encrypt flag Mounting a filesystem whose journal inode has the encrypt flag causes a NULL dereference in fscryptlimitioblocks when the 'inlinecrypt' mount option is used. The problem is tha...
DEBIAN-CVE-2022-50277
In the Linux kernel, the following vulnerability has been resolved: ext4: don't allow journal inode to have encrypt flag Mounting a filesystem whose journal inode has the encrypt flag causes a NULL dereference in fscryptlimitioblocks when the 'inlinecrypt' mount option is used. The problem is tha...
UBUNTU-CVE-2022-50277
In the Linux kernel, the following vulnerability has been resolved: ext4: don't allow journal inode to have encrypt flag Mounting a filesystem whose journal inode has the encrypt flag causes a NULL dereference in fscryptlimitioblocks when the 'inlinecrypt' mount option is used. The problem is tha...
CVE-2022-50277 ext4: don't allow journal inode to have encrypt flag
In the Linux kernel, the following vulnerability has been resolved: ext4: don't allow journal inode to have encrypt flag Mounting a filesystem whose journal inode has the encrypt flag causes a NULL dereference in fscryptlimitioblocks when the 'inlinecrypt' mount option is used. The problem is tha...
CVE-2022-50277
CVE-2022-50277 concerns the Linux kernel ext4 subsystem. When mounting a filesystem with the journal inode having the encrypt flag, a NULL dereference can occur in fscrypt_limit_io_blocks() via the path jbd2_journal_init_inode() → ext4_iomap_begin() → fscrypt_limit_io_blocks(). The issue arises b...
CVE-2022-50277 ext4: don't allow journal inode to have encrypt flag
In the Linux kernel, the following vulnerability has been resolved: ext4: don't allow journal inode to have encrypt flag Mounting a filesystem whose journal inode has the encrypt flag causes a NULL dereference in fscryptlimitioblocks when the 'inlinecrypt' mount option is used. The problem is tha...