10036 matches found
CVE-2025-61730
During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...
CVE-2025-61730 Handshake messages may be processed at the incorrect encryption level in crypto/tls
During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...
CVE-2025-61730 Handshake messages may be processed at the incorrect encryption level in crypto/tls
During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...
CVE-2025-61730
During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...
EUVD-2025-206448
During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...
CVE-2025-61730
During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries for instance the Client Hello and Encrypted Extensions messages, the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosu...
CVE-2025-33218
CVE-2025-33218 affects the NVIDIA GPU Display Driver for Windows, in the kernel-mode nvlddmkm.sys, where an integer overflow could enable a local attacker to achieve code execution, privilege escalation, data tampering, DoS, or information disclosure. Public advisories from NVIDIA enumerate affec...
openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression
A flaw was found in OpenSSL. A remote attacker can exploit this vulnerability by sending a specially crafted CompressedCertificate message during the TLS 1.3 handshake. This can cause excessive per-connection memory allocations, leading to resource exhaustion and a Denial of Service DoS for...
Exploit for Out-of-bounds Read in Openssl
CTT-HEARTBLEED-Temporal-Resonance-Memory-Leak-Exploit-Heartble...
mariadb security update
1:5.5.68-1.0.1 - Fixes CVE-2025-13699, remote code execution via improper path validation Orabug: 38829265 - Fixes failing SSL and timezone tests...
Helper-Assisted Coding for Gaussian Wiretap Channels: Deep Learning Meets PhySec
Consider the Gaussian wiretap channel, where a transmitter wishes to send a confidential message to a legitimate receiver in the presence of an eavesdropper. It is well known that if the eavesdropper experiences less channel noise than the legitimate receiver, then it is impossible for the...
Google Go 安全漏洞
Google Go is a static strongly typed, compiled, concatenated, and garbage-collected programming language from Google. Google Go suffers from an information disclosure vulnerability that stems from an issue with the order in which messages across cryptographic level boundaries are processed during...
RHEL 9 : openssl (RHSA-2026:1473)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1473 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...
CVE-2025-66199
Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. Impact summary: An attacker can cause per-connection memory allocations of up to approximately 22 MiB and...
CVE-2025-66199 TLS 1.3 CompressedCertificate excessive memory allocation
Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. Impact summary: An attacker can cause per-connection memory allocations of up to approximately 22 MiB and...
EUVD-2025-206398
Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. Impact summary: An attacker can cause per-connection memory allocations of up to approximately 22 MiB and...
CVE-2025-66199
Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. Impact summary: An attacker can cause per-connection memory allocations of up to approximately 22 MiB and...
Exploit for Path Traversal in Vmware Cloud_Foundation
CTT-enhanced-VMware-vCenter Looking at current high-impact vul...
Security update for nodejs22
This update for nodejs22 fixes the following issues: Security fixes: CVE-2026-22036: Fixed unbounded decompression chain in HTTP response leading to resource exhaustion bsc1256848 CVE-2026-21637: Fixed synchronous exceptions thrown during callbacks that bypass TLS error handling and causing denia...
Master-Engine-POC---Proprietary-Agentic-AI-Solution
Master Engine POC - Proprietary Agentic AI Solution !Pyth...