EUVD-2019-20041

Ubiquiti UniFi Network Controller prior to 5.10.12 excluding 5.6.42, UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, and UAP-AC Outdoor FW prior to 3.8.17, USW FW prior to 4.0.6, USG FW prior to 4.4.34 uses AES-CBC encryption for device-to-controller communication, which contains cryptographic weakness...

SUSE CVE-2026-32606

IncusOS is an immutable OS image dedicated to running Incus. Prior to 202603142010, the default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the...

Missing Authorization

Overview github.com/minio/minio is a high performance object storage server compatible with Amazon S3 APIs. Affected versions of this package are vulnerable to Missing Authorization via the extractMetadataFromMime function. An attacker can make objects permanently unreadable by injecting crafted...

GHSA-3RH2-V3GR-35P9 MinIO is Vulnerable to SSE Metadata Injection via Replication Headers

Impact What kind of vulnerability is it? Who is impacted? A flaw in extractMetadataFromMime allows any authenticated user with s3:PutObject permission to inject internal server-side encryption metadata into objects by sending crafted X-Minio-Replication- headers on a normal PutObject request. The...

CVE-2019-25651

Ubiquiti UniFi Network Controller prior to 5.10.12 excluding 5.6.42, UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, and UAP-AC Outdoor FW prior to 3.8.17, USW FW prior to 4.0.6, USG FW prior to 4.4.34 uses AES-CBC encryption for device-to-controller communication, which contains cryptographic weakness...

CVE-2019-25651

CVE-2019-25651 concerns Ubiquiti UniFi devices where AES-CBC encryption used for device-to-controller communication contains cryptographic weaknesses. Affected: UniFi Network Controller prior to 5.10.12 (except 5.6.42), UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, UAP-AC Outdoor FW prior to 3.8.17, ...

CVE-2019-25651

Ubiquiti UniFi Network Controller prior to 5.10.12 excluding 5.6.42, UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, and UAP-AC Outdoor FW prior to 3.8.17, USW FW prior to 4.0.6, USG FW prior to 4.4.34 uses AES-CBC encryption for device-to-controller communication, which contains cryptographic weakness...

Iranian Hackers Breached Kash Patel’s Email—but Not the FBI’s

Plus: Apple makes big claims about the effectiveness of its Lockdown Mode anti-spyware feature, Russia moves to implement homegrown encryption for 5G, and more...

Google Sets 2029 Deadline as Quantum Computers Threaten Encryption

Google fast-tracks post-quantum cryptography with a 2029 deadline as researchers warn quantum computers could break current encryption sooner than expected...

CVE-2021-27481

ZOLL Defibrillator Dashboard, v prior to 2.2, The affected products utilize an encryption key in the data exchange process, which is hardcoded. This could allow an attacker to gain access to sensitive information...

OESA-2026-1753 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based...

OESA-2026-1751 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based...

OESA-2026-1749 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based...

GHSA-FFQX-Q65F-36JF Grafana Tempo has Inadequate Encryption Strength

A vulnerability in Grafana Tempo exposes the S3 SSE-C encryption key in plaintext through the /status/config endpoint, potentially allowing unauthorized users to obtain the key used to encrypt trace data stored in S3. Grafana thanks williamgoodfellow for reporting this vulnerability...

Grafana Tempo has Inadequate Encryption Strength

A vulnerability in Grafana Tempo exposes the S3 SSE-C encryption key in plaintext through the /status/config endpoint, potentially allowing unauthorized users to obtain the key used to encrypt trace data stored in S3. Grafana thanks williamgoodfellow for reporting this vulnerability...

EUVD-2026-16424

A vulnerability in Grafana Tempo exposes the S3 SSE-C encryption key in plaintext through the /status/config endpoint, potentially allowing unauthorized users to obtain the key used to encrypt trace data stored in S3. Thanks to williamgoodfellow for reporting this vulnerability...

Ubiquiti多款产品 加密问题漏洞

The Ubiquiti UniFi Network Controller and other products are all developed by the American company Ubiquiti. The Ubiquiti UniFi Network Controller is a control software platform for centralized management and monitoring of network devices. The Ubiquiti UniFi UAP consists of a series of wireless...

Linux Distros Unpatched Vulnerability : CVE-2026-28377

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in Grafana Tempo exposes the S3 SSE-C encryption key in plaintext through the /status/config endpoint, potentially allowing unauthorized users t...

PT-2026-28262

Ubiquiti UniFi Network Controller prior to 5.10.12 excluding 5.6.42, UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, and UAP-AC Outdoor FW prior to 3.8.17, USW FW prior to 4.0.6, USG FW prior to 4.4.34 uses AES-CBC encryption for device-to-controller communication, which contains cryptographic weakness...

PT-2026-28605

Name of the Vulnerable Software and Affected Versions MinIO versions prior to RELEASE.2026-03-26T21-24-40Z Description A flaw in the extractMetadataFromMime function allows any authenticated user with s3:PutObject permission to inject internal server-side encryption metadata into objects. This is...