25527 matches found
CVE-2026-42363
An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...
EUVD-2026-25743
An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...
CVE-2026-42363 GeoVision GV-IP Device Utility Device Authentication insufficient encryption vulnerability
An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...
CVE-2026-42363 GeoVision GV-IP Device Utility Device Authentication insufficient encryption vulnerability
An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...
KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION
...
PT-2026-35277
Name of the Vulnerable Software and Affected Versions GeoVision GV-IP Device Utility version 9.0.5 Description Insufficient encryption in the Device Authentication functionality allows for the leakage of administrator credentials. When the utility sends privileged commands to devices over UDP...
Datavines 加密问题漏洞
Datavines is a data quality monitoring and evaluation platform developed by Datavane. Versions of Datavines from 13,607,45e14a4982468cfdbcf75c85cde63bae71 onwards have a security vulnerability related to encryption. This vulnerability stems from the handling of the tokenSecret parameter in the...
GHSA-GJ49-89WH-H4GJ Cillium exposes sensitive information included in the cilium-bugtool debug archive
Impact The output of cilium-bugtool can contain sensitive data when the tool is run against Cilium deployments with WireGuard encryption enabled. Users of WireGuard Transparent Encryption are affected. The sensitive data is the WireGuard private key ciliumwg0.key used for node-to-node encrypted...
Cillium exposes sensitive information included in the cilium-bugtool debug archive
Impact The output of cilium-bugtool can contain sensitive data when the tool is run against Cilium deployments with WireGuard encryption enabled. Users of WireGuard Transparent Encryption are affected. The sensitive data is the WireGuard private key ciliumwg0.key used for node-to-node encrypted...
Exploit for CVE-2026-21847
CVE-2026-21847: Hardcoded AES Encryption Key in DPDC Customer...
SUSE CVE-2026-31590
In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Drop WARN on large size for KVMMEMORYENCRYPTREGREGION Drop the WARN in sevpinmemory on npages overflowing an int, as the WARN is comically trivially to trigger from userspace, e.g. by doing: struct kvmencregion range =...
SUSE CVE-2026-31591
In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish Lock all vCPUs when synchronizing and encrypting VMSAs for SNP guests, as allowing userspace to manipulate and/or run a vCPU while its state is being...
CVE-2026-33662
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. From 3.8.0 to 4.10, in the function emsapkcs1v15encode in core/drivers/crypto/cryptoapi/acipher/rsassa.c, the amount of padding needed, "...
core-aws (>=1.1.0 <=1.3.0), mind-castle (=0.4.7) potentially affected by CVE-2026-6550 via aws-encryption-sdk (>=4.0.0 <=4.0.3)
aws-encryption-sdk PYPI version =4.0.0, =1.1.0, =1.3.0 - mind-castle =0.4.7 Source cves: CVE-2026-6550 Source advisory: OSV:GHSA-V638-38FC-RHFV...
EUVD-2026-23943
AWS Encryption SDK for Python: Key commitment policy bypass via shared key cache...
GHSA-V638-38FC-RHFV AWS Encryption SDK for Python: Key commitment policy bypass via shared key cache
Summary AWS Encryption SDK ESDK for Python is a client-side encryption library. An issue exists where, under certain circumstances, a specific cryptographic algorithm downgrade in the caching layer might allow an authenticated local threat actor to bypass key commitment policy enforcement via a...
aws-encryption-sdk-cli (>=2.1.0 <=3.1.0), cloudformation-cli-python-lib (>=2.1.9 <=2.1.16) +4 more potentially affected by CVE-2026-6550 via aws-encryption-sdk (>=2.0.0 <=3.3.0)
aws-encryption-sdk PYPI version =2.0.0, =2.1.0, =2.1.9, =1.0.0, =1.0.1, =0.4.8, =25.11.0, =25.14.1 Source cves: CVE-2026-6550 Source advisory: OSV:GHSA-V638-38FC-RHFV...
AWS Encryption SDK for Python: Key commitment policy bypass via shared key cache
Summary AWS Encryption SDK ESDK for Python is a client-side encryption library. An issue exists where, under certain circumstances, a specific cryptographic algorithm downgrade in the caching layer might allow an authenticated local threat actor to bypass key commitment policy enforcement via a...
CVE-2026-31591
In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish Lock all vCPUs when synchronizing and encrypting VMSAs for SNP guests, as allowing userspace to manipulate and/or run a vCPU while its state is being...
CVE-2026-31590
In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Drop WARN on large size for KVMMEMORYENCRYPTREGREGION Drop the WARN in sevpinmemory on npages overflowing an int, as the WARN is comically trivially to trigger from userspace, e.g. by doing: struct kvmencregion range =...