Code-Projects Chat System 加密问题漏洞

Code-Projects Chat System is an open-source chat system developed by Code-Projects. Version 1.0 of the code-projects Chat System has a security vulnerability related to encryption. This vulnerability stems from the parameter “Password” in the MD5 Hash Handler component’s “updateuser.php” file,...

CVE-2026-42363

An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...

CVE-2026-42363 GeoVision GV-IP Device Utility Device Authentication insufficient encryption vulnerability

An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...

EUVD-2026-25743

An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...

CVE-2026-42363

CVE-2026-42363 affects GeoVision GV-IP Device Utility 9.0.5. The Device Authentication flow encrypts credentials using a protocol resembling Blowfish, but the symmetric key is included in the packet, making confidentiality rely on obscurity. When admin users interact with devices, credentials may...

CVE-2026-42363 GeoVision GV-IP Device Utility Device Authentication insufficient encryption vulnerability

An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...

KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION

...

Datavines 加密问题漏洞

Datavines is a data quality monitoring and evaluation platform developed by Datavane. Versions of Datavines from 13,607,45e14a4982468cfdbcf75c85cde63bae71 onwards have a security vulnerability related to encryption. This vulnerability stems from the handling of the tokenSecret parameter in the...

PT-2026-35277

Name of the Vulnerable Software and Affected Versions GeoVision GV-IP Device Utility version 9.0.5 Description Insufficient encryption in the Device Authentication functionality allows for the leakage of administrator credentials. When the utility sends privileged commands to devices over UDP...

Cillium exposes sensitive information included in the cilium-bugtool debug archive

Impact The output of cilium-bugtool can contain sensitive data when the tool is run against Cilium deployments with WireGuard encryption enabled. Users of WireGuard Transparent Encryption are affected. The sensitive data is the WireGuard private key ciliumwg0.key used for node-to-node encrypted...

GHSA-GJ49-89WH-H4GJ Cillium exposes sensitive information included in the cilium-bugtool debug archive

Impact The output of cilium-bugtool can contain sensitive data when the tool is run against Cilium deployments with WireGuard encryption enabled. Users of WireGuard Transparent Encryption are affected. The sensitive data is the WireGuard private key ciliumwg0.key used for node-to-node encrypted...

Exploit for CVE-2026-21847

CVE-2026-21847: Hardcoded AES Encryption Key in DPDC Customer...

SUSE CVE-2026-31590

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Drop WARN on large size for KVMMEMORYENCRYPTREGREGION Drop the WARN in sevpinmemory on npages overflowing an int, as the WARN is comically trivially to trigger from userspace, e.g. by doing: struct kvmencregion range =...

SUSE CVE-2026-31591

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish Lock all vCPUs when synchronizing and encrypting VMSAs for SNP guests, as allowing userspace to manipulate and/or run a vCPU while its state is being...

CVE-2026-33662

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. From 3.8.0 to 4.10, in the function emsapkcs1v15encode in core/drivers/crypto/cryptoapi/acipher/rsassa.c, the amount of padding needed, "...

EUVD-2026-23943

AWS Encryption SDK for Python: Key commitment policy bypass via shared key cache...

core-aws (>=1.1.0 <=1.3.0), mind-castle (=0.4.7) potentially affected by CVE-2026-6550 via aws-encryption-sdk (>=4.0.0 <=4.0.3)

aws-encryption-sdk PYPI version =4.0.0, =1.1.0, =1.3.0 - mind-castle =0.4.7 Source cves: CVE-2026-6550 Source advisory: OSV:GHSA-V638-38FC-RHFV...

AWS Encryption SDK for Python: Key commitment policy bypass via shared key cache

Summary AWS Encryption SDK ESDK for Python is a client-side encryption library. An issue exists where, under certain circumstances, a specific cryptographic algorithm downgrade in the caching layer might allow an authenticated local threat actor to bypass key commitment policy enforcement via a...

GHSA-V638-38FC-RHFV AWS Encryption SDK for Python: Key commitment policy bypass via shared key cache

Summary AWS Encryption SDK ESDK for Python is a client-side encryption library. An issue exists where, under certain circumstances, a specific cryptographic algorithm downgrade in the caching layer might allow an authenticated local threat actor to bypass key commitment policy enforcement via a...

aws-encryption-sdk-cli (>=2.1.0 <=3.1.0), cloudformation-cli-python-lib (>=2.1.9 <=2.1.16) +4 more potentially affected by CVE-2026-6550 via aws-encryption-sdk (>=2.0.0 <=3.3.0)

aws-encryption-sdk PYPI version =2.0.0, =2.1.0, =2.1.9, =1.0.0, =1.0.1, =0.4.8, =25.11.0, =25.14.1 Source cves: CVE-2026-6550 Source advisory: OSV:GHSA-V638-38FC-RHFV...