PYSEC-2018-90

The mpatchdecode function in mpatch.c in Mercurial before 4.6.1 mishandles certain situations where there should be at least 12 bytes remaining after the current position in the patch data, but actually are not, aka OVE-20180430-0001...

Juniper Junos QFX Low Entropy Vulnerability (JSA10678)

According to its self-reported version number, the remote Juniper Junos device is affected by a low entropy vulnerability due to an insufficient number of bytes being collected from the RANDOMINTERRUPT entropy source when the device is first booted, thus resulting in the generation of weak SSH ke...