Off-by-one Error

Overview Affected versions of this package are vulnerable to Off-by-one Error via the decodebase64 function in the Encrypted XLSX File Parser component. An attacker can cause a denial of service by executing a manipulation that triggers an off-by-one error. Remediation A fix was pushed into the...

CVE-2026-2703

CVE-2026-2703 affects the xlnt-community xlnt project up to version 1.6.1. The vulnerability resides in the function xlnt::detail::decode_base64 (source/detail/cryptography/base64.cpp) of the Encrypted XLSX File Parser and is caused by an off-by-one flaw introduced by manipulation. The issue requ...

CVE-2026-2703 xlnt-community xlnt Encrypted XLSX File base64.cpp decode_base64 off-by-one

A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::decodebase64 of the file source/detail/cryptography/base64.cpp of the component Encrypted XLSX File Parser. Executing a manipulation can lead to off-by-one. The attack requires local access...

CVE-2026-2703 xlnt-community xlnt Encrypted XLSX File base64.cpp decode_base64 off-by-one

A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::decodebase64 of the file source/detail/cryptography/base64.cpp of the component Encrypted XLSX File Parser. Executing a manipulation can lead to off-by-one. The attack requires local access...

strongMan 安全漏洞

strongMan is an API developed by strongSwan. Versions of strongMan prior to 0.2.0 contained a security vulnerability. This vulnerability stemmed from the lack of a separate initialization vector when encrypting database fields, which could lead to credential leakage...

PT-2026-20595

Name of the Vulnerable Software and Affected Versions xlnt versions up to 1.6.1 Description A flaw exists in the xlnt::detail::decode base64 function within the Encrypted XLSX File Parser component, specifically in the source/detail/cryptography/base64.cpp file. This can lead to an off-by-one...

PT-2026-20934

Buffer overflow in ovpn‑dco‑win version 2.8.0 allows local attackers to cause a system crash by sending too large packets to the remote peer when the AEAD tag appears at the end of the encrypted packet...

uTLS has a fingerprint vulnerability from GREASE ECH mismatch for Chrome parrots

There is a fingerprint mismatch with Chrome when using GREASE ECH, having to do with ciphersuite selection. When Chrome selects the preferred ciphersuite in the outer ClientHello and the ciphersuite for ECH, it does so consistently based on hardware support. That means, for example, if it prefers...

PT-2026-20212

URGENT: Ubuntu 24.04 LTS kernel updates USN-8028-3 are live. Critical patches for AMD CPU data leaks CVE-2024-36351 and SEV-SNP guest memory overwrite flaws. Read more: 👉 https://t.co/ChC0mzFiGU Security https://t.co/LSj2IFaKnN...

Control Flow Reconstruction using HPCs

Affected Products and Mitigation Performance counters are not protected by Secure Encrypted Virtualization SEV, SEV-ES, or SEV-SNP. AMD has defined support for performance counter virtualization in APM Vol 2, section 15.39. Performance Monitoring Counters PMC virtualization, available on AMD...

CVE-2025-52536

Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting in a loss of integrity...

CVE-2025-29939

Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested paging SNP initialization, potentially resulting in a loss of guest memory confidentiality and integrity...

CVE-2025-29948

Improper access control in AMD Secure Encrypted Virtualization SEV firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity...

CVE-2025-29952

Improper Initialization within the AMD Secure Encrypted Virtualization SEV firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity...

OpenSSL 3.x QUIC Initial Packet Builder / Sender

This script is a proof of concept QUIC client that constructs fully encrypted initial packets with header protection. It can be used for testing or fuzzing QUIC/TLS 1.3 implementations. The script constructs and sends a cryptographically valid QUIC Initial packet over UDP. It simulates a QUIC...

GHSA-C7PH-F7JM-XV4W rPGP's integrity protection of encrypted data was not always checked

Summary For some messages, rPGP returned incorrectly decrypted data without signaling that integrity protection was invalid. Details When decrypting SEIPD Symmetrically Encrypted and Integrity Protected Data Packet, rPGP previously did not under all circumstances report the absence of valid...

CVE-2019-25340

SpotAuditor 5.3.2 contains a denial of service vulnerability in its Base64 decryption feature that allows attackers to crash the application by supplying an oversized buffer. Attackers can generate a malformed input file with 2000 repeated characters to trigger an application crash when pasted in...

CVE-2019-25340 SpotAuditor 5.3.2 - 'Base64' Denial Of Service

SpotAuditor 5.3.2 contains a denial of service vulnerability in its Base64 decryption feature that allows attackers to crash the application by supplying an oversized buffer. Attackers can generate a malformed input file with 2000 repeated characters to trigger an application crash when pasted in...

CVE-2019-25340

SpotAuditor 5.3.2 contains a denial of service in the Base64 decryption feature. An attacker can crash the application by supplying a malformed input file consisting of 2000 repeated characters, which triggers a crash when pasted into the Base64 Encrypted Password field. The CVSS metrics indicate...

USN-8038-1 nginx vulnerability

It was discovered that nginx incorrectly handled proxying to upstream TLS servers. An attacker could possibly use this issue to insert plain text data into the response from an upstream proxied server...