25563 matches found
PT-2026-22941
Name of the Vulnerable Software and Affected Versions Wi-Fi affected versions not specified Description A security issue exists in how Wi-Fi handles wireless encryption during transmissions. An attacker can create specially crafted, authenticated transmissions that appear to come from a trusted...
2N Access Commander 安全漏洞
2N Access Commander is an access control solution provided by 2N Corporation. Versions of 2N Access Commander prior to 3.4.2 contained security vulnerabilities. These vulnerabilities were due to improper validation of API endpoints, which could allow bypassing password policies that rely on backu...
PT-2026-22887
Name of the Vulnerable Software and Affected Versions SEPPmail Secure Email Gateway versions prior to 15.0.1 Description The SEPPmail Secure Email Gateway does not properly handle PDF encryption passwords, potentially allowing for operating system command execution. The issue arises from...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005521)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005521 advisory. In the Linux kernel, the following vulnerability has been resolved: net/tipc: fix slab-use-after-free Read in tipcaeadencryptdone Syzbot reported a slab-use-after-fr...
CVE-2026-27932
joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption JOSE standards. In 1.6.2 and earlier, a resource exhaustion vulnerability in joserfc allows an unauthenticated attacker to cause a Denial of Service DoS via CPU exhaustion. When the library...
DEBIAN-CVE-2026-27932
joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption JOSE standards. In 1.6.2 and earlier, a resource exhaustion vulnerability in joserfc allows an unauthenticated attacker to cause a Denial of Service DoS via CPU exhaustion. When the library...
UBUNTU-CVE-2026-27932
joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption JOSE standards. In 1.6.2 and earlier, a resource exhaustion vulnerability in joserfc allows an unauthenticated attacker to cause a Denial of Service DoS via CPU exhaustion. When the library...
CVE-2026-27932
joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption JOSE standards. In 1.6.2 and earlier, a resource exhaustion vulnerability in joserfc allows an unauthenticated attacker to cause a Denial of Service DoS via CPU exhaustion. When the library...
CVE-2026-27932 joserfc PBES2 p2c Unbounded Iteration Count enables Denial of Service (DoS)
joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption JOSE standards. In 1.6.2 and earlier, a resource exhaustion vulnerability in joserfc allows an unauthenticated attacker to cause a Denial of Service DoS via CPU exhaustion. When the library...
CVE-2026-27932 joserfc PBES2 p2c Unbounded Iteration Count enables Denial of Service (DoS)
joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption JOSE standards. In 1.6.2 and earlier, a resource exhaustion vulnerability in joserfc allows an unauthenticated attacker to cause a Denial of Service DoS via CPU exhaustion. When the library...
CVE-2026-27932
joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption JOSE standards. In 1.6.2 and earlier, a resource exhaustion vulnerability in joserfc allows an unauthenticated attacker to cause a Denial of Service DoS via CPU exhaustion. When the library...
CVE-2026-27932
CVE-2026-27932 affects the Python library joserfc (1.6.2 and earlier). The root cause is an unbounded PBES2 Count (p2c) value read from a JWE protected header, which allows an attacker to trigger CPU exhaustion and Denial of Service by forcing extremely high PBKDF2 iteration counts. Impact is at ...
CVE-2026-27932 joserfc PBES2 p2c Unbounded Iteration Count enables Denial of Service (DoS)
joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption JOSE standards. In 1.6.2 and earlier, a resource exhaustion vulnerability in joserfc allows an unauthenticated attacker to cause a Denial of Service DoS via CPU exhaustion. When the library...
EUVD-2026-9344
joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption JOSE standards. In 1.6.2 and earlier, a resource exhaustion vulnerability in joserfc allows an unauthenticated attacker to cause a Denial of Service DoS via CPU exhaustion. When the library...
CVE-2026-27932
joserfc is a Python library that provides an implementation of several JSON Object Signing and Encryption JOSE standards. In 1.6.2 and earlier, a resource exhaustion vulnerability in joserfc allows an unauthenticated attacker to cause a Denial of Service DoS via CPU exhaustion. When the library...
CVE-2024-55023
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded encryption key which could allow attackers to access sensitive information...
CVE-2024-55023
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded encryption key which could allow attackers to access sensitive information...
GHSA-65P9-R9H6-22VJ AWS-LC has Timing Side-Channel in AES-CCM Tag Verification
Summary AWS-LC is an open-source, general-purpose cryptographic library. Impact Observable timing discrepancy in AES-CCM decryption in AWS-LC allows an unauthenticated user to potentially determine authentication tag validity via timing analysis. The impacted implementations are through the EVP...
Linux RC4 Packer with In-Memory Execution (x86)
This evasion module packs Linux payloads using RC4 encryption and executes them from memory using memfdcreate for fileless execution. The evasion module works on systems with Linux Kernel 3.17+ due to memfdcreate support. Features: - RC4 encryption with configurable key size - Fileless execution...
CVE-2025-63912
Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to use a weak cryptography algorithm for data encryption, allowing attackers to trivially reverse the encyption and expose credentials...