CVE-2025-27498

aes-gcm is a pure Rust implementation of the AES-GCM. In decryptinplacedetached, the decrypted ciphertext which is the correct ciphertext is exposed even if the tag is incorrect. This is because in decryptinplace in asconcore.rs, tag verification causes an error to be returned with the plaintext...

Linux Distros Unpatched Vulnerability : CVE-2024-48948

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Elliptic package 6.5.7 for Node.js, in its for ECDSA implementation, does not correctly verify valid signatures if the hash contains at least four leading 0...

Linux Distros Unpatched Vulnerability : CVE-2023-1386

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. When a local user in the guest writes an executable file with SUID or SGID, none ...

Amazon Linux 2 : python-crypto (ALASANSIBLE2-2025-012)

It is, therefore, affected by a vulnerability as referenced in the ALAS2ANSIBLE2-2025-012 advisory. lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data i.e., it does not...

Amazon Linux 2 : docker (ALASECS-2025-048)

The version of docker installed on the remote host is prior to 25.0.8-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-048 advisory. golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to...

CVE-2025-27675

Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Vulnerable OpenID Implementation V-2023-004...

CVE-2025-27675

Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Vulnerable OpenID Implementation V-2023-004...

CVE-2025-1917

Inappropriate implementation in Browser UI in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-27675

Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Vulnerable OpenID Implementation V-2023-004...

Google Chrome 安全漏洞

Google Chrome is a WEB browser developed by Google Inc. Google Chrome suffers from a security bypass vulnerability, which is caused due to improper implementation in Select. An attacker can exploit the vulnerability to bypass security restrictions...

Linux Distros Unpatched Vulnerability : CVE-2023-1544

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge numbe...

CVE-2025-27675

Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Vulnerable OpenID Implementation V-2023-004...

CVE-2025-27675

Vusion Print (formerly PrinterLogic) is affected by CVE-2025-27675: prior to Virtual Appliance Host 22.0.843 and Application 20.0.1923, the product uses a vulnerable OpenID implementation (V-2023-004). The NVD entry assigns CVSS v3.1 score 9.8 (Network, Low complexity, No privileges, User interac...

Linux Distros Unpatched Vulnerability : CVE-2021-40529

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two...

Linux Distros Unpatched Vulnerability : CVE-2023-2860

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read vulnerability was found in the SR-IPv6 implementation in the Linux kernel. The flaw exists within the processing of seg6 attributes. The...

Linux Distros Unpatched Vulnerability : CVE-2023-1193

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free flaw was found in setupasyncwork in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. This issue could allow...

Linux Distros Unpatched Vulnerability : CVE-2023-4154

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only...

Linux Distros Unpatched Vulnerability : CVE-2024-46754

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Remove tstrun from lwtseg6localprogops. The syzbot reported that the lwtseg6 related BPF ops can be invoked via bpftestrun without without entering...

Linux Distros Unpatched Vulnerability : CVE-2024-2236

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack,...

Linux Distros Unpatched Vulnerability : CVE-2023-51714

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2...