138 matches found
CVE-2026-21383
CVE-2026-21383 describes a cryptographic issue in which AES-GCM key wrapping uses a static initialization vector (IV). The static IV conflicts with the requirement for a unique IV per operation, which can undermine confidentiality and integrity. The CVSS 3.1 metrics provided indicate a high impac...
SUSE SLES12 Security Update : opensc (SUSE-SU-2026:2678-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2678-1 advisory. This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses...
SUSE SLES15 Security Update : opensc (SUSE-SU-2026:2657-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2657-1 advisory. This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device...
SUSE-SU-2026:2657-1 Security update for opensc
This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66037: crafted input can cause an out-of-bounds read bsc1261218. - CVE-2025-66038: improper compact-TLV length validation can lead to cra...
SUSE-SU-2026:22139-1 Security update for opensc
This update for opensc fixes the following issues - CVE-2026-10275: global buffer overflow during key pair generation tests due to missing input validation bsc1267246. - CVE-2026-40528: stack and heap buffer overrun in the dokeyvalue function due to missing length check allows for memory corrupti...
SUSE-SU-2026:22103-1 Security update for opensc
This update for opensc fixes the following issues - CVE-2026-10275: global buffer overflow during key pair generation tests due to missing input validation bsc1267246. - CVE-2026-40528: stack and heap buffer overrun in the dokeyvalue function due to missing length check allows for memory corrupti...
Reusing a Nonce, Key Pair in Encryption
Overview Affected versions of this package are vulnerable to Reusing a Nonce, Key Pair in Encryption in the server-side digest authentication implementation. An attacker can gain unauthorized access by replaying previously captured authentication data. Remediation There is no fixed version for...
SSH Key Persistence
This Metasploit module will add an SSH key to a specified user or all, to allow remote login via SSH at any time. No payload is required for this module to work. If an SSH key is not provided, a new 4096 bit RSA keypair will be generated. The private key will be stored as loot for later use...
CVE-2019-7593
Metasys® ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 make use of a shared RSA key pair for certain encryption operations involving the Site Management Portal SMP...
CVE-2025-47345 Reusing a Nonce, Key Pair in Encryption in Automotive Platform
Cryptographic issue may occur while encrypting license data...
CVE-2025-47345 Reusing a Nonce, Key Pair in Encryption in Automotive Platform
Cryptographic issue may occur while encrypting license data...
CVE-2025-61739 Johnson Controls IQ Panels2, 2+, IQHub, IQPanel 4, PowerG reusing a nonce, key pair in encryption
Due to Nonce reuse, attackers can perform reply attack or decrypt captured packets...
EUVD-2018-0689
Malware in sbrugna...
EUVD-2019-17131
Malware in sbrugna...
EUVD-2015-6360
Malware in sbrugna...
EUVD-2004-2711
Malware in sbrugna...
EUVD-2000-0444
Malware in sbrugna...
EUVD-2024-35354
Malicious code in bioql PyPI...
EUVD-2023-45874
Malicious code in bioql PyPI...
EUVD-2023-47937
Malicious code in bioql PyPI...