62 matches found
CVE-2026-43377 ksmbd: Don't log keys in SMB3 signing and encryption key generation
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Don't log keys in SMB3 signing and encryption key generation When KSMBDDEBUGAUTH logging is enabled, generatesmb3signingkey and generatesmb3encryptionkey log the session, signing, encryption, and decryption key bytes. Remo...
CVE-2026-31543
In the Linux kernel, the following vulnerability has been resolved: crashdump: don't log dm-crypt key bytes in readkeyfromuserkeying When debug logging is enabled, readkeyfromuserkeying logs the first 8 bytes of the key payload and partially exposes the dm-crypt key. Stop logging any key bytes...
DEBIAN-CVE-2026-31543
In the Linux kernel, the following vulnerability has been resolved: crashdump: don't log dm-crypt key bytes in readkeyfromuserkeying When debug logging is enabled, readkeyfromuserkeying logs the first 8 bytes of the key payload and partially exposes the dm-crypt key. Stop logging any key bytes...
CVE-2026-31543 crash_dump: don't log dm-crypt key bytes in read_key_from_user_keying
In the Linux kernel, the following vulnerability has been resolved: crashdump: don't log dm-crypt key bytes in readkeyfromuserkeying When debug logging is enabled, readkeyfromuserkeying logs the first 8 bytes of the key payload and partially exposes the dm-crypt key. Stop logging any key bytes...
CVE-2026-31543
In the Linux kernel, the following vulnerability has been resolved: crashdump: don't log dm-crypt key bytes in readkeyfromuserkeying When debug logging is enabled, readkeyfromuserkeying logs the first 8 bytes of the key payload and partially exposes the dm-crypt key. Stop logging any key bytes...
PT-2026-34895
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description When debug logging is enabled, the read key from user keying function logs the first 8 bytes of the key payload, which partially exposes the dm-crypt key. Recommendations At the moment,...
MiracleLinux 9 : java-11-openjdk-11.0.22.0.7-2.el9.ML.1 (AXSA:2024-7450:05)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7450:05 advisory. OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: RSA padding issue and timing...
MiracleLinux 9 : java-1.8.0-openjdk-1.8.0.402.b06-2.el9.ML.1 (AXSA:2024-7446:04)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7446:04 advisory. OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: RSA padding issue and timing...
MiracleLinux 8 : java-11-openjdk-11.0.22.0.7-2.el8 (AXSA:2024-7445:04)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7445:04 advisory. OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: RSA padding issue and timing...
MiracleLinux 8 : java-17-openjdk-17.0.10.0.7-2.el8 (AXSA:2024-7459:03)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7459:03 advisory. OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: incorrect handling of ZIP files with...
MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.402.b06-1.el7 (AXSA:2024-7425:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7425:01 advisory. OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: RSA padding issue and timing...
CVE-2020-7654
All versions of snyk-broker before 4.73.1 are vulnerable to Information Exposure. It logs private keys if logging level is set to DEBUG...
CVE-2023-4509
It is possible for an API key to be logged in clear text in the audit log file after an invalid login attempt...
CVE-2024-34353
The matrix-sdk-crypto crate, part of the Matrix Rust SDK project, is an implementation of a Matrix end-to-end encryption state machine in Rust. In Matrix, the server-side key backup stores encrypted copies of Matrix message keys. This facilitates key sharing between a user's devices and provides ...
OESA-2025-2383 xml-security security update
The XML Security project is aimed at providing implementation of security standards for XML. Currently the focus is on the W3C standards : - XML-Signature Syntax and Processing; and - XML Encryption Syntax and Processing. Security Fixes: All versions of Apache Santuario - XML Security for Java...
EUVD-2018-11468
Malware in sbrugna...
EUVD-2020-17758
Malware in sbrugna...
EUVD-2020-24754
Malware in sbrugna...
EUVD-2024-1554
Malicious code in bioql PyPI...
EUVD-2022-39037
Malicious code in bioql PyPI...