CVE-2025-29948

Improper access control in AMD Secure Encrypted Virtualization SEV firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity...

CVE-2025-29952

Improper Initialization within the AMD Secure Encrypted Virtualization SEV firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity...

OpenSSL 3.x QUIC Initial Packet Builder / Sender

This script is a proof of concept QUIC client that constructs fully encrypted initial packets with header protection. It can be used for testing or fuzzing QUIC/TLS 1.3 implementations. The script constructs and sends a cryptographically valid QUIC Initial packet over UDP. It simulates a QUIC...

GHSA-C7PH-F7JM-XV4W rPGP's integrity protection of encrypted data was not always checked

Summary For some messages, rPGP returned incorrectly decrypted data without signaling that integrity protection was invalid. Details When decrypting SEIPD Symmetrically Encrypted and Integrity Protected Data Packet, rPGP previously did not under all circumstances report the absence of valid...

CVE-2019-25340

SpotAuditor 5.3.2 contains a denial of service vulnerability in its Base64 decryption feature that allows attackers to crash the application by supplying an oversized buffer. Attackers can generate a malformed input file with 2000 repeated characters to trigger an application crash when pasted in...

CVE-2019-25340 SpotAuditor 5.3.2 - 'Base64' Denial Of Service

SpotAuditor 5.3.2 contains a denial of service vulnerability in its Base64 decryption feature that allows attackers to crash the application by supplying an oversized buffer. Attackers can generate a malformed input file with 2000 repeated characters to trigger an application crash when pasted in...

CVE-2019-25340

SpotAuditor 5.3.2 contains a denial of service in the Base64 decryption feature. An attacker can crash the application by supplying a malformed input file consisting of 2000 repeated characters, which triggers a crash when pasted into the Base64 Encrypted Password field. The CVSS metrics indicate...

USN-8038-1 nginx vulnerability

It was discovered that nginx incorrectly handled proxying to upstream TLS servers. An attacker could possibly use this issue to insert plain text data into the response from an upstream proxied server...

CVE-2026-26012

A flaw was found in vaultwarden, an unofficial Bitwarden compatible server. A regular organization member can retrieve all ciphers encrypted data within an organization, bypassing collection-level access controls. This allows for unauthorized information disclosure, potentially exposing sensitive...

PT-2026-7935

SpotAuditor 5.3.2 contains a local buffer overflow vulnerability in the Base64 Encrypted Password tool that allows attackers to execute arbitrary code by crafting a malicious payload. Attackers can generate a specially crafted Base64 encoded payload to trigger a Structured Exception Handler SEH...

Mageia: Security Advisory (MGASA-2026-0036)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2026-0036 Updated thunderbird packages fix security vulnerability

CSS-based exfiltration of the content from partially encrypted emails when allowing remote content. CVE-2026-0818...

Updated thunderbird packages fix security vulnerability

CSS-based exfiltration of the content from partially encrypted emails when allowing remote content. CVE-2026-0818...

[SECURITY] Fedora 42 Update: rust-sevctl-0.6.2-6.fc42

Administrative utility for AMD SEV...

[SECURITY] Fedora 42 Update: atuin-18.6.1-10.fc42

Atuin replaces your existing shell history with a SQLite database, and records additional context for your commands. Additionally, it provides optional and fully encrypted synchronization of your history between machines, via an Atuin server...

CVE-2025-48514

Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality...

CVE-2025-48517

Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial loss of confidentiality...

CVE-2025-29948

Improper access control in AMD Secure Encrypted Virtualization SEV firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity...

CVE-2025-29939

Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested paging SNP initialization, potentially resulting in a loss of guest memory confidentiality and integrity...

UBUNTU-CVE-2025-52536

Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting in a loss of integrity...