
25574 matches found

Packet Storm News
added 2026/01/15 12:0 a.m. | 5 views

Advanced Encryption Technique for Multimedia Data Using Sudoku-Based Algorithms for Enhanced Security

Encryption and Decryption is the process of sending a message in a ciphered way that appears meaningless and could be deciphered using a key for security purposes to avoid data breaches. This paper expands on the previous work on Sudoku-based encryption methods, applying it to other forms of medi...

6.8 AI score
Exploits: 0
Tenable Nessus
added 2026/01/15 12:0 a.m. | 1 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002301)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002301 advisory. A missing authorization check in the fscrypt_process_policy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel befor...

6.5 CVSS | 7.4 AI score | 0.02159 EPSS
Exploits: 0 | References: 7
Tenable Nessus
added 2026/01/15 12:0 a.m. | 3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001856)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001856 advisory. A missing authorization check in the fscrypt_process_policy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel befor...

6.5 CVSS | 7.4 AI score | 0.02159 EPSS
Exploits: 0 | References: 7
Tenable Nessus
added 2026/01/15 12:0 a.m. | 2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003375)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003375 advisory. Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gai...

7.8 CVSS | 6.5 AI score | 0.00799 EPSS
Exploits: 0 | References: 8
RedhatCVE
added 2026/01/14 7:25 p.m. | 6 views

CVE-2025-68701

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, Jervis uses deterministic AES IV derivation from a passphrase. This vulnerability is fixed in 2.2...

8.7 CVSS | 6.8 AI score | 0.00202 EPSS
Exploits: 0 | References: 1
IBM Security Bulletins
added 2026/01/14 4:15 p.m. | 12 views

Security Bulletin: AIX/VIOS is vulnerable to an out-of-bounds read (CVE-2025-9230, CVE-2025-9232) due to OpenSSL

Summary: Vulnerabilities in OpenSSL could allow an attacker to trigger an out-of-bounds read (CVE-2025-9230, CVE-2025-9232). OpenSSL is used by AIX as part of AIX's secure network communications. Vulnerability Details: CVEID: CVE-2025-9230 DESCRIPTION: Issue summary: An application trying to decrypt C...

7.5 CVSS | 7 AI score | 0.02016 EPSS
Exploits: 0 | Affected Software: 2
OSV
added 2026/01/14 3:16 p.m. | 3 views

UBUNTU-CVE-2025-71131

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req->iv after crypto_aead_encrypt. As soon as crypto_aead_encrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req->iv after it returns is invalid. Instead o...

5.5 CVSS | 5.8 AI score | 0.00114 EPSS
Exploits: 0 | References: 37
Cvelist
added 2026/01/14 3:7 p.m. | 27 views

CVE-2025-71131 crypto: seqiv - Do not use req->iv after crypto_aead_encrypt

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req->iv after crypto_aead_encrypt. As soon as crypto_aead_encrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req->iv after it returns is invalid. Instead o...

0.00114 EPSS
Exploits: 0 | References: 7
OSV
added 2026/01/14 3:7 p.m. | 5 views

CVE-2025-71131 crypto: seqiv - Do not use req->iv after crypto_aead_encrypt

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req->iv after crypto_aead_encrypt. As soon as crypto_aead_encrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req->iv after it returns is invalid. Instead o...

5.5 CVSS | 5.3 AI score | 0.00114 EPSS
Exploits: 0 | References: 10
Tenable Nessus
added 2026/01/14 12:0 a.m. | 5 views

MiracleLinux 3 : openssl-0.9.8e-22.AXS3.4 (AXSA:2012-567:05)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-567:05 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which...

6.8 CVSS | 8.2 AI score | 0.28154 EPSS
Exploits: 0 | References: 2
Tenable Nessus
added 2026/01/14 12:0 a.m. | 5 views

MiracleLinux 3 : libxslt-1.1.17-2.1.2AXS3 (AXSA:2008-83:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2008-83:01 advisory. libxslt is a library for transforming XML files into other XML files using the standard XSLT stylesheet transformation mechanism. CVE-2008-2935: Multiple...

7.5 CVSS | 8.8 AI score | 0.12789 EPSS
Exploits: 2 | References: 2
RedhatCVE
added 2026/01/13 10:54 p.m. | 5 views

CVE-2025-52435

J2EE Misconfiguration: Data Transmission Without Encryption vulnerability in Apache NimBLE. Improper handling of Pause Encryption procedure on Link Layer results in a previously encrypted connection being left in un-encrypted state allowing an eavesdropper to observe the remainder of the exchange...

7.5 CVSS | 6.9 AI score | 0.00207 EPSS
Exploits: 0 | References: 1
EUVD
added 2026/01/13 7:21 p.m. | 4 views

EUVD-2026-2027

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, Jervis uses deterministic AES IV derivation from a passphrase. This vulnerability is fixed in 2.2...

8.7 CVSS | 6.3 AI score | 0.00202 EPSS
Exploits: 0 | References: 7
EUVD
added 2026/01/13 7:17 p.m. | 4 views

EUVD-2026-2022

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, AES/CBC/PKCS5Padding lacks authentication, making it vulnerable to padding oracle attacks and ciphertext manipulation. This vulnerability is fixed in 2.2...

8.7 CVSS | 6.3 AI score | 0.00172 EPSS
Exploits: 0 | References: 7
Github Security Blog
added 2026/01/13 3:2 p.m. | 7 views

RustCrypto Has Insufficient Length Validation in decrypt() in SM2-PKE

Summary: A denial-of-service vulnerability exists in the SM2 public-key encryption (PKE) implementation: the decrypt path performs unchecked slice::split_at operations on input buffers derived from untrusted ciphertext. An attacker can submit short/undersized ciphertext or carefully-crafted DER-encod...

7.5 CVSS | 7.3 AI score | 0.00279 EPSS
Exploits: 1 | References: 5 | Affected Software: 1
Snyk
added 2026/01/13 2:56 p.m. | 2 views

Use of a Broken or Risky Cryptographic Algorithm

Overview: net.gleske:jervis is a Self service Jenkins job generation using Jenkins Job DSL plugin groovy scripts. Reads .jervis.yml and generates a job in Jenkins. Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm via the AES/CBC/PKCS5Padding...

8.7 CVSS | 7 AI score | 0.00172 EPSS
Exploits: 0 | References: 2
OSV
added 2026/01/13 2:56 p.m. | 4 views

GHSA-GXP5-MV27-VJCJ Jervis's AES CBC Mode is Without Authentication

Vulnerability: https://github.com/samrocketman/jervis/blob/157d2b63ffa5c4bb1d8ee2254950fd2231de2b05/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovy#L682-L684...

8.7 CVSS | 6.8 AI score | 0.00172 EPSS
Exploits: 0 | References: 7
Github Security Blog
added 2026/01/13 2:28 p.m. | 10 views

Jervis Has a RSA PKCS#1 Padding Vulnerability

Vulnerability: https://github.com/samrocketman/jervis/blob/157d2b63ffa5c4bb1d8ee2254950fd2231de2b05/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovy#L463-L465...

8.7 CVSS | 6.9 AI score | 0.00128 EPSS
Exploits: 0 | References: 6 | Affected Software: 1
OSV
added 2026/01/13 2:28 p.m. | 6 views

GHSA-MQW7-C5GG-XQ97 Jervis Has a RSA PKCS#1 Padding Vulnerability

Vulnerability: https://github.com/samrocketman/jervis/blob/157d2b63ffa5c4bb1d8ee2254950fd2231de2b05/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovy#L463-L465...

8.7 CVSS | 6.8 AI score | 0.00128 EPSS
Exploits: 0 | References: 6
CVE
added 2026/01/13 1:15 a.m. | 23 views

CVE-2026-0510

The CVE-2026-0510 entry concerns SAP NetWeaver Application Server for Java (NW AS Java) where the User Management Engine (UME) uses an obsolete cryptographic algorithm to encrypt User Mapping data. The documented impact is low confidentiality risk with no integrity/availability impact. Affected c...

3 CVSS | 6.1 AI score | 0.00122 EPSS
Exploits: 0 | References: 2