21 matches found
EUVD-2026-29085
Local file inclusion (LFI) and server-side request forgery (SSRF) vulnerabilities in pgAdmin 4 LLM API configuration endpoints. User-supplied apikeyfile and apiurl preferences were passed to the LLM provider clients without validation. An authenticated user could read arbitrary server-side files by...
EUVD-2021-27207
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-11719
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - When importing a curve25519 private key in PKCS#8 format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services...
DEBIAN-CVE-2025-5278
A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitiv...
UBUNTU-CVE-2025-5278
A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitiv...
SUSE-SU-2024:4006-1 Security update for SUSE Manager Server 4.3
This update fixes the following issues: cobbler: - Security issues fixed: CVE-2024-47533: Prevent privilege escalation from none to admin (bsc#1231332) - Other bugs fixed: Increase start timeout for cobblerd unit (bsc#1219450); Provide syncsinglesystem for DHCP modules to improve performance (bsc#1219450)...
CGA-FWXM-W3HH-RG5P
Bulletin has no description...
python-jose security vulnerability
python-jose is a JOSE implementation in Python by the individual developer Michael Davis. A security vulnerability exists in python-jose 3.3.0 and earlier versions, which stems from confusion between OpenSSH ECDSA keys and other key formats...
PT-2023-30740
Name of the Vulnerable Software and Affected Versions: fast-jwt versions prior to 3.3.2. Description: The fast-jwt library does not properly prevent JWT algorithm confusion for all public key types. The 'publicKeyPemMatcher' in 'fast-jwt/src/crypto.js' does not properly match all common PEM formats...
Debian: Security Advisory (DLA-634-1)
The remote host is missing an update for the Debian...
CVE-2021-40017
The HW_KEYMASTER module lacks the validity check of the key format. Successful exploitation of this vulnerability may result in out-of-bounds memory access...
CVE-2021-40017
The HW_KEYMASTER module lacks the validity check of the key format. Successful exploitation of this vulnerability may result in out-of-bounds memory access...
Out-of-bounds
The HW_KEYMASTER module lacks the validity check of the key format. Successful exploitation of this vulnerability may result in out-of-bounds memory access...
CVE-2021-40017
The HW_KEYMASTER module lacks the validity check of the key format. Successful exploitation of this vulnerability may result in out-of-bounds memory access...
PT-2022-11139 · Unknown · Hw Keymaster
Name of the Vulnerable Software and Affected Versions: HW KEYMASTER affected versions not specified Description: The HW KEYMASTER module lacks a validity check of the key format, which may result in out-of-bounds memory access if successfully exploited. Recommendations: At the moment, there is no...
CVE-2021-40017
CVE-2021-40017 affects Huawei HarmonyOS HW_KEYMASTER; lack of key-format validity check can cause out-of-bounds memory access. Documents tie this to HarmonyOS 2.0 and related advisories, with patches referenced in Huawei security bulletins (2022). Exploit details are not provided in the sources; ...
Huawei HarmonyOS input validation error vulnerability
Huawei HarmonyOS is an operating system from Huawei (China). HarmonyOS version 2.0 contains a buffer overflow vulnerability that stems from the fact that the HW_KEYMASTER module does not perform a legitimacy check on the key format, which can be exploited to cause out-of-bounds access...
Invalid secret key format when accessing to a vault
No description provided...
PYSEC-2017-24
In PyJWT 1.5.0 and below the invalid_strings check in HMACAlgorithm.prepare_key does not account for all PEM encoded public keys. Specifically, the PKCS1 PEM encoded format would be allowed because it is prefaced with the string -----BEGIN RSA PUBLIC KEY----- which is not accounted for. This enable...
DEBIAN-CVE-2017-11424
In PyJWT 1.5.0 and below the invalid_strings check in HMACAlgorithm.prepare_key does not account for all PEM encoded public keys. Specifically, the PKCS1 PEM encoded format would be allowed because it is prefaced with the string -----BEGIN RSA PUBLIC KEY----- which is not accounted for. This enable...