UBUNTU-CVE-2025-13470

In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public-Key Encrypted Session Key PKESK packets to be left uninitialized except for zeroing, resulting in it always being an all-zero byte array. Any data encrypted using public-key encryption in this release...

CVE-2025-34337

eGovFramework/egovframe-common-components versions up to and including 4.3.1 includes Web Editor image upload and related file delivery functionality that uses symmetric encryption to protect URL parameters, but exposes an encryption oracle that allows attackers to generate valid ciphertext for...

CVE-2025-13315

Twonky Server 8.5.2 on Linux and Windows is vulnerable to an access control flaw. An unauthenticated attacker can bypass web service API authentication controls to leak a log file and read the administrator's username and encrypted password...

Security Bulletin: Astronomer with IBM is vulnerable to invalid signature verification due to the OpenPGP.js package (CVE-2025-47934)

Summary OpenPGP.js is used by Astronomer with IBM as part of OpenPGP processing functionality. Vulnerability Details CVEID:CVE-2025-47934 DESCRIPTION: OpenPGP.js is a JavaScript implementation of the OpenPGP protocol. Startinf in version 5.0.1 and prior to versions 5.11.3 and 6.1.1, a maliciously...

TencentOS Server 4: grub2 (TSSA-2024:0889)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0889 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVE-2025-13315

Twonky Server 8.5.2 on Linux and Windows is vulnerable to an access control flaw. An unauthenticated attacker can bypass web service API authentication controls to leak a log file and read the administrator's username and encrypted password...

CVE-2025-13315 Unauthenticated log access in Twonky Server

Twonky Server 8.5.2 on Linux and Windows is vulnerable to an access control flaw. An unauthenticated attacker can bypass web service API authentication controls to leak a log file and read the administrator's username and encrypted password...

CVE-2025-13315 Unauthenticated log access in Twonky Server

Twonky Server 8.5.2 on Linux and Windows is vulnerable to an access control flaw. An unauthenticated attacker can bypass web service API authentication controls to leak a log file and read the administrator's username and encrypted password...

CVE-2025-13315, CVE-2025-13316: Critical Twonky Server Authentication Bypass (NOT FIXED)

Overview Twonky Server version 8.5.2 is susceptible to two vulnerabilities that facilitate administrator authentication bypass on Linux and Windows. An unauthenticated attacker can improperly access a privileged web API endpoint to leak application logs, which contain encrypted administrator...

CVE-2025-60022

Improper certificate validation vulnerability exists in 'デジラアプリ' App for iOS prior to ver.80.10.00. If this vulnerability is exploited, a man-in-the-middle attack may allow an attacker to eavesdrop on and/or tamper with an encrypted communication...

CVE-2025-60022

Improper certificate validation vulnerability exists in 'デジラアプリ' App for iOS prior to ver.80.10.00. If this vulnerability is exploited, a man-in-the-middle attack may allow an attacker to eavesdrop on and/or tamper with an encrypted communication...

HSEC-2023-0012 git-annex checksum exposure to encrypted special remotes

git-annex checksum exposure to encrypted special remotes A bug exposed the checksum of annexed files to encrypted special remotes, which are not supposed to have access to the checksum of the un-encrypted file. This only occurred when resuming uploads to the encrypted special remote, so it is...

HSEC-2023-0013 git-annex plaintext storage of embedded credentials on encrypted remotes

git-annex plaintext storage of embedded credentials on encrypted remotes git-annex had a bug in the S3 and Glacier remotes where if embedcreds=yes was set, and the remote used encryption=pubkey or encryption=hybrid, the embedded AWS credentials were stored in the Git repository in effectively...

HSEC-2023-0011 git-annex GPG decryption attack via compromised remote

git-annex GPG decryption attack via compromised remote A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's GPG key. This attack could be used to expose encrypted data that was never stored in git-annex. Daniel Dent discovered this...

Google Launches 'Private AI Compute' — Secure AI Processing with On-Device-Level Privacy

Google on Tuesday unveiled a new privacy-enhancing technology called Private AI Compute to process artificial intelligence AI queries in a secure platform in the cloud. The company said it has built Private AI Compute to "unlock the full speed and power of Gemini cloud models for AI experiences,...

CVE-2025-63289

CVE-2025-63289 affects the Sogexia Android App: Compile Affected SDK v35, Max SDK 32, with a fix in v36. The vulnerability arises from hardcoded encryption keys in the encryption_helper.dart file, which could impact data confidentiality and integrity. Remediation: update to SDK version 36 (or the...

GootLoader Is Back, Using a New Font Trick to Hide Malware on WordPress Sites

The malware known as GootLoader has resurfaced yet again after a brief spike in activity earlier this March, according to new findings from Huntress. The cybersecurity company said it observed three GootLoader infections since October 27, 2025, out of which two resulted in hands-on keyboard...

kernel: smb: client: Add check for next_buffer in receive_encrypted_standard()

In the Linux kernel, the following vulnerability has been resolved: smb: client: Add check for nextbuffer in receiveencryptedstandard Add check for the return value of cifsbufget and cifssmallbufget in receiveencryptedstandard to prevent null pointer dereference...

kernel: smb: client: Add check for next_buffer in receive_encrypted_standard()

In the Linux kernel, the following vulnerability has been resolved: smb: client: Add check for nextbuffer in receiveencryptedstandard Add check for the return value of cifsbufget and cifssmallbufget in receiveencryptedstandard to prevent null pointer dereference...

Stale Translation Lookaside Buffer (TLB) Entry Vulnerability

Summary An internally reported microcode bug in some EPYC™ AMD CPUs could allow a local admin-privileged attacker to run SEV-SNP Secure Encrypted Virtualization - Secure Nested Paging guests using stale TLB entries. This bug could allow SNP active vCPUs to reuse TLB entries from other virtual...