94 matches found
Astra Linux - уязвимость в thunderbird
If a Thunderbird user has previously imported Alice’s OpenPGP key, and Alice has extended the validity period of her key, but Alice’s updated key has not yet been imported, an attacker may send an email containing a crafted version of Alice’s key with an invalid subkey. In this case, Thunderbird...
How to Manually Update GPG key on Veeam Hardened Repository Appliance
Article Applicability This article is specifically regarding the Veeam Hardened Repository ISO v2 appliance, which was distributed alongside Veeam Backup & Replication 12. For information about manually updating the GPG key on the appliances associated with Veeam Backup & Replication 13, review...
EUVD-2001-0072
Malware in sbrugna...
EUVD-2019-18529
Malware in sbrugna...
EUVD-2019-18531
Malware in sbrugna...
EUVD-2021-26875
Malware in sbrugna...
EUVD-2021-21779
Malware in sbrugna...
EUVD-2022-44879
Malicious code in bioql PyPI...
EUVD-2021-7399
Malicious code in bioql PyPI...
EUVD-2021-7350
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-25742
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When importing a SPKI RSA public key as ECDSA P-256, the key would be handled incorrectly causing the tab to crash. This vulnerability affects Firefox 110,...
Recommended update for gpg2
This update for gpg2 fixes the following issues: CVE-2025-30258: Fixed DoS due to a malicious subkey in the keyring bsc1239119. Other bugfixes: Do not install expired sks certificate bsc1243069. gpg hangs when importing a key bsc1236931. Patch Instructions: To install this SUSE update use the SUS...
SUSE-SU-2025:02259-1 Recommended update for gpg2
This update for gpg2 fixes the following issues: - CVE-2025-30258: Fixed DoS due to a malicious subkey in the keyring bsc1239119. Other bugfixes: - Do not install expired sks certificate bsc1243069. - gpg hangs when importing a key bsc1236931...
USN-7412-2: GnuPG regression
USN-7412-1 fixed vulnerabilities in GnuPG. The update introduced a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that GnuPG incorrectly handled importing keys with certain crafted subkey data. If a user or automated...
CVE-2025-21433 NULL Pointer Dereference in SPS-HLOS
Transient DOS when importing a PKCS8-encoded RSA private key with a zero-sized modulus...
CVE-2025-49601
A flaw was found in mbedtls. The mbedtlslmsimportpublickey function fails to validate input buffer size before reading a 32-bit field, potentially leading to an out-of-bounds read when processing truncated input. This flaw allows a network-based attacker to trigger this condition by providing a...
ALPINE-CVE-2025-49601
In MbedTLS 3.3.0 before 3.6.4, mbedtlslmsimportpublickey does not check that the input buffer is at least 4 bytes before reading a 32-bit field, allowing a possible out-of-bounds read on truncated input. Specifically, an out-of-bounds read in mbedtlslmsimportpublickey allows context-dependent...
CVE-2025-49601
In MbedTLS 3.3.0 before 3.6.4, mbedtlslmsimportpublickey does not check that the input buffer is at least 4 bytes before reading a 32-bit field, allowing a possible out-of-bounds read on truncated input. Specifically, an out-of-bounds read in mbedtlslmsimportpublickey allows context-dependent...
CVE-2025-49601
In MbedTLS 3.3.0 before 3.6.4, mbedtlslmsimportpublickey does not check that the input buffer is at least 4 bytes before reading a 32-bit field, allowing a possible out-of-bounds read on truncated input. Specifically, an out-of-bounds read in mbedtlslmsimportpublickey allows context-dependent...
CVE-2025-49601
In MbedTLS 3.3.0 before 3.6.4, mbedtlslmsimportpublickey does not check that the input buffer is at least 4 bytes before reading a 32-bit field, allowing a possible out-of-bounds read on truncated input. Specifically, an out-of-bounds read in mbedtlslmsimportpublickey allows context-dependent...