Astra Linux - уязвимость в thunderbird

An attacker may carry out a DoS attack to prevent a user from sending encrypted emails to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self-signature, and the Thunderbird user imports the crafted key, then Thunderbird may attempt to use the inval...

Astra Linux - уязвимость в thunderbird

If a Thunderbird user has previously imported Alice’s OpenPGP key, and Alice has extended the validity period of her key, but Alice’s updated key has not yet been imported, an attacker may send an email containing a crafted version of Alice’s key with an invalid subkey. In this case, Thunderbird...

Exploit for Missing Encryption of Sensitive Data in Apache Tomcat

CVE-2026-34486-Tribes Apache Tomcat Tribes cluster communicat...

EUVD-2026-19969

Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious peer. Impact summary: The uninitialized buffer might contain sensitive data from the previous execution of the application process whi...

ALPINE-CVE-2026-31790

Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious peer. Impact summary: The uninitialized buffer might contain sensitive data from the previous execution of the application process whi...

CVE-2026-34992

Antrea is a Kubernetes networking solution intended to be Kubernetes native. Prior to 2.4.5 and 2.5.2, a missing encryption vulnerability affects inter-Node Pod traffic. In Antrea clusters configured for dual-stack networking with IPsec encryption enabled trafficEncryptionMode: ipsec, Antrea fail...

CVE-2024-52334

A vulnerability has been identified in syngo.plaza VB30E All versions VB30EHF07. The affected application does not encrypt the passwords properly. This could allow an attacker to recover the original passwords and might gain unauthorized access...

CVE-2018-10631

The 8840 Clinician Programmer executes the application program from the 8870 Application Card. An attacker with physical access to an 8870 Application Card and sufficient technical capability can modify the contents of this card, including the binary executables. If modified to bypass protection...

EUVD-2014-8708

Malware in sbrugna...

EUVD-2018-17782

Malware in sbrugna...

EUVD-2016-7156

Malware in sbrugna...

EUVD-2018-2703

Malware in sbrugna...

EUVD-2006-3453

Malware in sbrugna...

EUVD-2023-23979

Malicious code in bioql PyPI...

EUVD-2021-7421

Malicious code in bioql PyPI...

EUVD-2025-27198

Malicious code in bioql PyPI...

CVE-2025-59339

The Bastion provides authentication, authorization, traceability and auditability for SSH accesses. Session-recording ttyrec files, may be handled by the provided osh-encrypt-rsync script that is a helper to rotate, encrypt, sign, copy, and optionally move them to a remote storage periodically, i...

Linux Distros Unpatched Vulnerability : CVE-2023-1768

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate error handling in Tribe29 Checkmk = 2.1.0p25, = 2.0.0p34, = 2.2.0b3 beta, and all versions of Checkmk 1.6.0 causes the symmetric encryption of age...

CVE-2025-42933

When a user logs in via SAP Business One native client, the SLD backend service fails to enforce proper encryption of certain APIs. This leads to exposure of sensitive credentials within http response body. As a result, it has a high impact on the confidentiality, integrity, and availability of t...

PT-2025-36560

Name of the Vulnerable Software and Affected Versions: SAP Business One affected versions not specified Description: A flaw exists in the SLD backend service of SAP Business One when a user logs in via the native client. The service fails to enforce proper encryption of certain APIs, leading to t...