In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a "verification DoS."

...

UBUNTU-CVE-2025-30258

In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a "verification DoS."...

CVE-2025-30258

In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a "verification DoS."...

CVE-2025-30258

In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a "verification DoS."...

md/md-bitmap: fix incorrect usage for sb_index

...

CVE-2024-35787

A security vulnerability was identified in the Linux kernel's MD Multiple Device subsystem, specifically within the bitmap handling code for clustered environments. The issue arises from incorrect usage of the sbindex field, leading to potential system crashes in clustered configurations...

CVE-2024-35787

In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: fix incorrect usage for sbindex Commit d7038f951828 "md-bitmap: don't use -index for pages backing the bitmap file" removed page-index from bitmap code, but left wrong code logic for clustered-md. current code never...

CVE-2024-35787 md/md-bitmap: fix incorrect usage for sb_index

In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: fix incorrect usage for sbindex Commit d7038f951828 "md-bitmap: don't use -index for pages backing the bitmap file" removed page-index from bitmap code, but left wrong code logic for clustered-md. current code never...

CVE-2024-35787 md/md-bitmap: fix incorrect usage for sb_index

In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: fix incorrect usage for sbindex Commit d7038f951828 "md-bitmap: don't use -index for pages backing the bitmap file" removed page-index from bitmap code, but left wrong code logic for clustered-md. current code never...

CVE-2024-35787

CVE-2024-35787 affects the Linux kernel md-bitmap/ clustered-md path. The fix resolves incorrect usage for sb_index after Commit d7038f951828, which removed page->index from the bitmap file logic but left flawed cluster-node slot offset handling. The vulnerability could cause crashes in cluste...

CVE-2024-1579

The CVE concerns Secomea GateManager, specifically the Webserver modules, with an underlying flaw in the PRNG seeding. The root cause is Incorrect Usage of Seeds in the PRNG, which can lead to session hijacking. Affected/version info: GateManager before 11.2.624071020. Documented impact indicates...

WordPress Meta Data and Taxonomies Filter Plugin < 1.3.1 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:pluginus:wordpressmetadataandtaxonomiesfilter"; ifdescriptio...

AlmaLinux 8 : mod_auth_openidc:2.3 (ALSA-2023:4418)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:4418 advisory. cjose: AES GCM decryption uses the Tag length from the actual Authentication Tag provided in the JWE CVE-2023-37464 Tenable has extracted the preceding description...

GSD-2022-1005276 ax25: fix incorrect dev_tracker usage

ax25: fix incorrect devtracker usage This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.2 by commit 4294df1374450912b2f64ee3cf575069fc784679,...

Incorrect safeApprove usage

Handle Jujic Vulnerability details Impact safeApprove won't work when current allowance 0, there may be cases when strategies will not use all allowance, so switch to new strategy will be blocked. Proof of Concept Tools Used Recommended Mitigation Steps I recommend approving to zero and then...

Arbitrary File Write

github.com/u-root/u-root/pkg/tarutil is vulnerable to arbitrary file write. The vulnerability exists due to the incorrect usage of filepath.Join"/", path when performing cpio file extraction...

Buffer overflow

The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirect...

Denial of service

DISPUTED An issue has been found in libIEC61850 v1.3. It is a SEGV in ControlObjectClientsetCommandTerminationHandler in client/clientcontrol.c. NOTE: the software maintainer disputes this because it requires incorrect usage of the clientexamplecontrol program...

CVE-2018-19093

An issue has been found in libIEC61850 v1.3. It is a SEGV in ControlObjectClientsetCommandTerminationHandler in client/clientcontrol.c. NOTE: the software maintainer disputes this because it requires incorrect usage of the clientexamplecontrol program...

Microsoft Edge Chakra TryUndeleteProperty Incorrect Usage Exploit

Microsoft Edge Chakra suffers from an incorrect usage of TryUndeleteProperty. Microsoft Edge: Chakra: Incorrect usage of TryUndeleteProperty CVE-2017-8635 Chakra implemented the reuse of deleted properties of an unordered dictionary object with the following code. bool...