Lucene search
K

57 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 3:50 p.m.8 views

CVE-2026-53038

A flaw was found in the Linux kernel's Integrity Measurement Architecture IMA subsystem. When handling unsupported Trusted Platform Module TPM hash algorithms, the imafs component incorrectly accesses a hash algorithm name array, leading to a read out-of-bounds. This vulnerability could allow a...

5.5CVSS5.7AI score0.00168EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 9:16 p.m.8 views

CVE-2026-6412

Certificate policy and RFC 8446 compliance concerns regarding the continued acceptance of SHA-1/MD5 in certificate processing...

4.3CVSS0.00074EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/06/25 8:38 p.m.7 views

CVE-2026-6412

Certificate policy and RFC 8446 compliance concerns regarding the continued acceptance of SHA-1/MD5 in certificate processing...

4.3CVSS5.8AI score0.00074EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 6:32 p.m.6 views

EUVD-2026-38906

In the Linux kernel, the following vulnerability has been resolved: imafs: Correctly create securityfs files for unsupported hash algos imatpmchip-allocatedbanksi.cryptoid is initialized to HASHALGOLAST if the TPM algorithm is not supported. However there are places relying on the algorithm to be...

5.7AI score0.00168EPSS
Exploits0References5
OSV
OSV
added 2026/06/24 4:29 p.m.2 views

CVE-2026-53038 ima_fs: Correctly create securityfs files for unsupported hash algos

In the Linux kernel, the following vulnerability has been resolved: imafs: Correctly create securityfs files for unsupported hash algos imatpmchip-allocatedbanksi.cryptoid is initialized to HASHALGOLAST if the TPM algorithm is not supported. However there are places relying on the algorithm to be...

5.8AI score0.00168EPSS
Exploits0References7
CVE
CVE
added 2026/06/24 4:29 p.m.7 views

CVE-2026-53038

The CVE-2026-53038 issue affects the Linux kernel’s ima_fs logic, where allocated TPM crypto_id can be HASH_ALGO__LAST for unsupported TPM algorithms, leading to reads of hash_algo_name[] out of bounds. The provided documents confirm that TPM algorithms like SHA3-256 (0x0027) may be unsupported, ...

5.7AI score0.00168EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

Sulu 加密问题漏洞

Sulu is a scalable Symfony framework based on PHP, developed by the Austrian company Sulu. Versions prior to Sulu 2.6.23 and 3.0.6 contained a security vulnerability related to encryption. This vulnerability stemmed from the use of weak encryption hash algorithms for generating password reset...

6.9CVSS5.3AI score0.00193EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/18 5:24 p.m.49 views

ruby-jwt: Empty-key HMAC bypass; cross-language sibling of CVE-2026-44351

JWT.decodetoken, '', true, algorithm: 'HS256' accepts an attacker-forged token. OpenSSL::HMAC.digest'SHA256', '', payload returns a valid digest under an empty key, and no raise InvalidKeyError if key.empty? precondition exists in the HMAC algorithm. JWT.decodetoken, "", true, algorithm: 'HS256' ...

9.1CVSS5.7AI score0.00236EPSS
Exploits0References8Affected Software1
Packet Storm News
Packet Storm News
added 2026/04/24 12:0 a.m.17 views

Libgcrypt 1.12.2

Libgcrypt is a general-purpose cryptographic library based on the code from GnuPG. It provides functions for all cryptographic building blocks: symmetric ciphers AES, DES, Blowfish, CAST5, Twofish, and Arcfour, hash algorithms MD4, MD5, RIPE-MD160, SHA-1, and TIGER-192, MACs HMAC for all hash...

5.3AI score
Exploits0
SUSE CVE
SUSE CVE
added 2025/12/31 12:27 a.m.6 views

SUSE CVE-2023-54250

In the Linux kernel, the following vulnerability has been resolved: ksmbd: avoid out of bounds access in decodepreauthctxt Confirm that the accessed pnegctxt-HashAlgorithms address sits within the SMB request boundary; deassemblenegcontexts only checks that the eight byte smb2negcontext header +...

6.6AI score0.00168EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/30 3:30 p.m.5 views

EUVD-2023-60391

In the Linux kernel, the following vulnerability has been resolved: ksmbd: avoid out of bounds access in decodepreauthctxt Confirm that the accessed pnegctxt-HashAlgorithms address sits within the SMB request boundary; deassemblenegcontexts only checks that the eight byte smb2negcontext header +...

6AI score0.00168EPSS
Exploits0References5
NVD
NVD
added 2025/12/30 1:16 p.m.6 views

CVE-2023-54250

In the Linux kernel, the following vulnerability has been resolved: ksmbd: avoid out of bounds access in decodepreauthctxt Confirm that the accessed pnegctxt-HashAlgorithms address sits within the SMB request boundary; deassemblenegcontexts only checks that the eight byte smb2negcontext header +...

0.00168EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/12/30 1:16 p.m.7 views

CVE-2023-54250

In the Linux kernel, the following vulnerability has been resolved: ksmbd: avoid out of bounds access in decodepreauthctxt Confirm that the accessed pnegctxt-HashAlgorithms address sits within the SMB request boundary; deassemblenegcontexts only checks that the eight byte smb2negcontext header +...

5.7AI score0.00168EPSS
Exploits0References6
OSV
OSV
added 2025/12/30 1:16 p.m.8 views

UBUNTU-CVE-2023-54250

In the Linux kernel, the following vulnerability has been resolved: ksmbd: avoid out of bounds access in decodepreauthctxt Confirm that the accessed pnegctxt-HashAlgorithms address sits within the SMB request boundary; deassemblenegcontexts only checks that the eight byte smb2negcontext header +...

5.7AI score0.00168EPSS
Exploits0References7
CVE
CVE
added 2025/12/30 12:15 p.m.14 views

CVE-2023-54250

In the Linux kernel ksmbd component, CVE-2023-54250 concerns an out-of-bounds access in decode_preauth_ctxt(). The issue is that the code checks only the eight-byte SMB2_neg_context header and the client-controlled DataLength, which can exceed the SMB request boundary; this is insufficient to gua...

6.2AI score0.00168EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/30 12:15 p.m.43 views

CVE-2023-54250 ksmbd: avoid out of bounds access in decode_preauth_ctxt()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: avoid out of bounds access in decodepreauthctxt Confirm that the accessed pnegctxt-HashAlgorithms address sits within the SMB request boundary; deassemblenegcontexts only checks that the eight byte smb2negcontext header +...

0.00168EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/12/17 8:4 p.m.8 views

CVE-2025-13532

Insecure defaults in the Server Agent component of Fortra's Core Privileged Access Manager BoKS can result in the selection of weak password hash algorithms. This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain...

6.2CVSS7AI score0.00085EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-12467

Malware in sbrugna...

5.4CVSS5.9AI score0.00896EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-9486

Malware in sbrugna...

5.5CVSS6.5AI score0.00426EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/03 8:7 p.m.21 views

EUVD-2024-3150

Malicious code in bioql PyPI...

7.5CVSS7.9AI score0.00208EPSS
Exploits0References5
Rows per page
Query Builder