PT-2026-49531

Name of the Vulnerable Software and Affected Versions Crypt::DSA versions prior to 1.21 Description The software reuses the nonce across signatures, which can lead to the recovery of the private key. The sign function in the Crypt::DSA::sign module caches the per-signature nonce material within t...

Astra Linux - уязвимость в thunderbird

When importing a revoked key with “key compromise” as the revocation reason, Thunderbird did not update the existing copy of the key that was not yet revoked. As a result, the existing key remained unrevoked. Revocation statements that used another revocation reason, or those that did not specify...

PT-2026-36003

Name of the Vulnerable Software and Affected Versions wget2 affected versions not specified Description An issue exists where the software accepts server certificates with incorrect Key Usage KU or Extended Key Usage EKU. This could allow an attacker who has compromised a certificate and its...

CVE-2026-3503

Protection mechanism failure in wolfCrypt post-quantum implementations ML-KEM and ML-DSA in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during...

EUVD-2017-1552

Malware in sbrugna...

EUVD-2018-0717

Malware in sbrugna...

EUVD-2019-5541

Malware in sbrugna...

EUVD-2020-17547

Malware in sbrugna...

EUVD-2017-0111

Malware in sbrugna...

EUVD-2015-9101

Malware in sbrugna...

EUVD-2015-8816

Malware in sbrugna...

EUVD-2005-2644

Malware in sbrugna...

EUVD-2022-24537

Malicious code in bioql PyPI...

EUVD-2023-33710

Malicious code in bioql PyPI...

EUVD-2024-3394

Malicious code in bioql PyPI...

EUVD-2025-4087

Malicious code in bioql PyPI...

Craft CMS 代码注入漏洞

Craft CMS is an open source content management system CMS from Craft CMS. A code injection vulnerability exists in Craft CMS versions 4.13.8 through 4.16.2 and 5.5.8 through 5.8.3, which stems from a security key compromise that could allow remote code execution...

TencentOS Server 4: putty (TSSA-2025:0180)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0180 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVE-2017-1000412

Linaro's open source TEE solution called OP-TEE, version 2.4.0 and older is vulnerable to the bellcore attack in the LibTomCrypt code resulting in compromised private RSA key...

CVE-2025-3935

ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack. ASP.NET Web Forms use ViewState to preserve page and control state, with data encoded using Base64 protected by machine keys. It is important to note that to obtain these machine keys,...