37 matches found
kernel: RDMA/mana: Validate rx_hash_key_len
A flaw was found in the Linux kernel's RDMA/mana component. A local user could exploit this vulnerability by providing an invalid rxhashkeylen value through a user-space API uAPI structure. This invalid value is then used in a memcpy operation without proper bounds checking, allowing the user to...
kernel: RDMA/mana: Validate rx_hash_key_len
A flaw was found in the Linux kernel's RDMA/mana component. A local user could exploit this vulnerability by providing an invalid rxhashkeylen value through a user-space API uAPI structure. This invalid value is then used in a memcpy operation without proper bounds checking, allowing the user to...
CVE-2026-44611
Danelec MacGregor Voyage Data Recorder passwords are stored with a hashing method which limits password length and is susceptible to brute force attacks...
PT-2026-44931
Name of the Vulnerable Software and Affected Versions Danelec MacGregor Voyage Data Recorder affected versions not specified Description Passwords are stored using a hashing method that restricts password length and is susceptible to brute force attacks, which is a trial-and-error method used to...
PT-2026-44268
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description An issue exists in the RDMA/mana component where the rx hash key len variable, which originates from a uAPI structure, is passed to the memcpy function without proper validation. This lack ...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the SM2 decryption process due to improper validation of the encoded C3 hash field length prior to comparison. An attacker can cause a heap buffer over-read, potentially leading to a crash or other undefined...
GHSA-67RJ-PJG6-PQ59 Jervis Has a SHA-256 Hex String Padding Bug
Vulnerability https://github.com/samrocketman/jervis/blob/157d2b63ffa5c4bb1d8ee2254950fd2231de2b05/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovyL622-L626 padLeft32, '0' should be padLeft64, '0'. SHA-256 produces 32 bytes = 64 hex characters. Impact Inconsistent hash lengths when leadi...
Jervis Has a SHA-256 Hex String Padding Bug
Vulnerability https://github.com/samrocketman/jervis/blob/157d2b63ffa5c4bb1d8ee2254950fd2231de2b05/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovyL622-L626 padLeft32, '0' should be padLeft64, '0'. SHA-256 produces 32 bytes = 64 hex characters. Impact Inconsistent hash lengths when leadi...
EUVD-2011-1561
Malware in sbrugna...
EUVD-2024-49626
Malicious code in bioql PyPI...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-53237: Fixed bluetooth: fix use-after-free in deviceforeachchild bsc1235008 CVE-2024-53082: Fixed virtionet: Add hashkeylength check bsc1233677 CVE-2024-8805: Fixed BlueZ HID over GATT Profile Improper Acces...
Security update for kernel-livepatch-MICRO-6-0_Update_3
This update for kernel-livepatch-MICRO-6-0Update3 fixes the following issues: CVE-2024-53237: Fixed bluetooth: fix use-after-free in deviceforeachchild bsc1235008 CVE-2024-53082: Fixed virtionet: Add hashkeylength check bsc1233677 CVE-2024-8805: Fixed BlueZ HID over GATT Profile Improper Access...
Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-53237: Fixed bluetooth: fix use-after-free in deviceforeachchild bsc1235008 CVE-2024-53082: Fixed virtionet: Add hashkeylength check bsc1233677 CVE-2024-8805: Fixed BlueZ HID over GATT Profile Improper Access...
SUSE-SU-2025:20212-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_3
This update for kernel-livepatch-MICRO-6-0-RTUpdate3 fixes the following issues: - CVE-2024-53237: Fixed bluetooth: fix use-after-free in deviceforeachchild bsc1235008 - CVE-2024-53082: Fixed virtionet: Add hashkeylength check bsc1233677 - CVE-2024-8805: Fixed BlueZ HID over GATT Profile Improper...
SUSE-SU-2025:20213-1 Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: - CVE-2024-53237: Fixed bluetooth: fix use-after-free in deviceforeachchild bsc1235008 - CVE-2024-53082: Fixed virtionet: Add hashkeylength check bsc1233677 - CVE-2024-8805: Fixed BlueZ HID over GATT Profile Improper...
CVE-2024-8361 DoS caused due to wrong hash length returned for SHA2/224 algorithm
In SiWx91x devices, the SHA2/224 algorithm returns a hash of 256 bits instead of 224 bits. This incorrect hash length triggers a software assertion, which subsequently causes a Denial of Service DoS. If a watchdog is implemented, device will restart after watch dog expires. If watchdog is not...
CVE-2024-8361
In SiWx91x devices, CVE-2024-8361 describes a DoS caused by SHA2/224 producing a 256-bit hash instead of 224 bits, triggering a software assertion. The issue is documented across multiple sources (NVD, Red Hat, CVE listing). Affected component is the SHA2/224 implementation; root cause is incorre...
CVE-2024-8361 DoS caused due to wrong hash length returned for SHA2/224 algorithm
In SiWx91x devices, the SHA2/224 algorithm returns a hash of 256 bits instead of 224 bits. This incorrect hash length triggers a software assertion, which subsequently causes a Denial of Service DoS. If a watchdog is implemented, device will restart after watch dog expires. If watchdog is not...
PT-2025-3698 · Siwx91X · Siwx91X
Name of the Vulnerable Software and Affected Versions: SiWx91x devices affected versions not specified Description: The issue is related to the SHA2/224 algorithm, which returns a hash of 256 bits instead of 224 bits. This incorrect hash length triggers a software assertion, causing a Denial of...
Silicon SiWx91x 安全漏洞
The Silicon SiWx91x is a radio board from Silicon Technology Silicon. A security vulnerability exists in the Silicon SiWx91x that stems from an incorrect hash length triggering a software assertion, which could lead to a denial of service DoS...