CVE-2025-46777

A insertion of sensitive information into log file in Fortinet FortiPortal versions 7.4.0, versions 7.2.0 through 7.2.5, and versions 7.0.0 through 7.0.9 may allow an authenticated attacker with at least read-only admin permissions to view encrypted secrets via the FortiPortal System Log...

SUSE CVE-2025-5270

In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability was fixed in Firefox 139 and Thunderbird 139...

SUSE-SU-2025:01747-1 Security update for grub2

This update for grub2 fixes the following issues: Security fixes: - CVE-2025-4382: exposure of data from encrypted device through CLI once the root device is successfully unlocked via TPM bsc1242971. Other bug fixes: - Fix incorrect nvme disks and boot order in bootlist output bsc1237174...

Synopsis: Secure and Private Trend Inference from Encrypted Semantic Embeddings

WhatsApp and many other commonly used communication platforms guarantee end-to-end encryption E2EE, which requires that service providers lack the cryptographic keys to read communications on their own platforms. WhatsApp's privacy-preserving design makes it difficult to study important phenomena...

CVE-2025-46777

A insertion of sensitive information into log file in Fortinet FortiPortal versions 7.4.0, versions 7.2.0 through 7.2.5, and versions 7.0.0 through 7.0.9 may allow an authenticated attacker with at least read-only admin permissions to view encrypted secrets via the FortiPortal System Log...

CVE-2025-46777

A insertion of sensitive information into log file in Fortinet FortiPortal versions 7.4.0, versions 7.2.0 through 7.2.5, and versions 7.0.0 through 7.0.9 may allow an authenticated attacker with at least read-only admin permissions to view encrypted secrets via the FortiPortal System Log...

CVE-2025-46777

Fortinet FortiPortal is affected by a log information disclosure vulnerability. In FortiPortal versions 7.4.0, 7.2.0–7.2.5, and 7.0.0–7.0.9, an authenticated user with at least read-only admin permissions may cause sensitive data to be written to the system log, allowing viewing of encrypted secr...

The vulnerability of the SimpleOne ITSM automation system lies in its ability to use strictly encrypted user data, which allows a malicious actor to compromise the domain name.

The vulnerability of the SimpleOne ITSM automation system relates to the possibility of using strictly encrypted user data. Exploiting this vulnerability could allow a malicious actor to compromise the domain name...

Fortinet FortiPortal 日志信息泄露漏洞

Fortinet FortiPortal is an advanced, feature-rich hosted security analysis and management support tool for Fortinet's FortiGate, FortiWiFi and FortiAP product lines, available as a virtual machine for MSPs. Fortinet FortiPortal suffers from a log information disclosure vulnerability that originat...

CVE-2025-2796

On affected platforms with hardware IPSec support running Arista EOS with IPsec enabled and anti-replay protection configured, EOS may exhibit unexpected behavior in specific cases. Received duplicate encrypted packets, which should be dropped under normal anti-replay protection, will instead be...

CVE-2025-5270

In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability was fixed in Firefox 139 and Thunderbird 139...

UBUNTU-CVE-2025-5270

In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability affects Firefox 139 and Thunderbird 139...

CVE-2025-5270 SNI was sometimes unencrypted

In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability was fixed in Firefox 139 and Thunderbird 139...

CVE-2025-5270

CVE-2025-5270 concerns Mozilla Firefox and Thunderbird where SNI could be sent unencrypted even when encrypted DNS is enabled. Affected products are Firefox versions earlier than 139 and Thunderbird versions earlier than 139. The vulnerability’s impact includes potential disclosure of sensitive i...

PT-2025-22995

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 139 Description The issue arises when SNI Server Name Indication could be sent unencrypted despite having encrypted DNS enabled. This affects Firefox, potentially exposing user data. Recommendations For versions prior...

Firefox -- unencrypted SNI

[email protected] reports: In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled...

Arista EOS 安全漏洞

Arista EOS is a fully programmable, highly modular, Linux-based network operating system from Arista Corporation. A security vulnerability exists in Arista EOS that stems from the possibility of incorrectly forwarding duplicate encrypted packets that should be discarded under certain circumstance...

M3S-UPD: Efficient Multi-Stage Self-Supervised Learning for Fine-Grained Encrypted Traffic Classification with Unknown Pattern Discovery

The growing complexity of encrypted network traffic presents dual challenges for modern network management: accurate multiclass classification of known applications and reliable detection of unknown traffic patterns. Although deep learning models show promise in controlled environments, their...

Mozilla Firefox < 139.0

The version of Firefox installed on the remote Windows host is prior to 139.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-42 advisory. - Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these...

Fedora: Security Advisory (FEDORA-2025-c38fd06bec)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...