10068 matches found
OPENSUSE-SU-2025:15206-1 SDL2-2.32.8-1.1 on GA media
These are all security issues fixed in the SDL2-2.32.8-1.1 package on the GA media of openSUSE Tumbleweed...
OpenSSL Toolkit 3.0.17
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the LTS release supported until 7th September 2026...
OpenSSL Toolkit 3.5.1
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.5 release...
OpenSSL Toolkit 3.3.4
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.3 release supported until 9th April 2026...
OpenSSL Toolkit 3.4.2
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.4 release supported until 22nd October 2026...
TestSSL 3.2.1
testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in pure bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets...
TestSSL 3.0.10
testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in pure bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets...
io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine
A flaw was found in Netty's SslHandler. This vulnerability allows a native crash via a specially crafted packet that bypasses proper validation...
The vulnerability in the implementation of the TLS protocol by Mozilla Firefox allows a perpetrator to circumvent existing security restrictions and gain unauthorized access to protected information.
The vulnerability in the TLS protocol implementation of Mozilla Firefox is related to errors in the certificate validation process. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and gain unauthorized access to protected information...
USN-7594-2 linux-azure vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - PowerPC architecture; - RISC-V architecture; - User-Mode Linux UML; - x...
WIFISKY 7-layer Flow Control Router 安全漏洞
WIFISKY 7-layer Flow Control Router is a router from WIFISKY. A security vulnerability exists in the WIFISKY 7-layer Flow Control Router, which is a result of a command injection attack due to the misuse of parameter t in the confirm.php interface...
PT-2025-26993
Name of the Vulnerable Software and Affected Versions: WIFISKY 7-layer Flow Control Router affected versions not specified Description: A remote command injection issue exists in the confirm.php interface of the WIFISKY 7-layer Flow Control Router. This is due to insufficient input validation,...
Universal and Efficient Detection of Adversarial Data through Nonuniform Impact on Network Layers
Deep Neural Networks DNNs are notoriously vulnerable to adversarial input designs with limited noise budgets. While numerous successful attacks with subtle modifications to original input have been proposed, defense techniques against these attacks are relatively understudied. Existing defense...
Living Long Doing Pentests
Whitepaper called Living Long Doing Pentests. It discusses basic LLDP protocol fuzzing and usage from a pentester's point of view...
iterate Cyberduck和iterate Mountain Duck 安全漏洞
iterate Cyberduck and iterate Mountain Duck are both open source file transfer clients from iterate. A security vulnerability exists in iterate Cyberduck 9.1.6 and earlier and iterate Mountain Duck 4.17.5 and earlier, which stems from improper handling of TLS certificate fixing and could lead to...
UBUNTU-CVE-2025-6032
A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack...
USN-7594-1 linux, linux-gcp, linux-raspi, linux-realtime vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - PowerPC architecture; - RISC-V architecture; - User-Mode Linux UML; - x...
Physical Layer Challenge-Response Authentication between Ambient Backscatter Devices
Ambient backscatter communication AmBC has become an integral part of ubiquitous Internet of Things IoT applications due to its energy-harvesting capabilities and ultra-low-power consumption. However, the open wireless environment exposes AmBC systems to various attacks, and existing authenticati...
Texas Instruments LP-CC2652RB SimpleLink CC13XX CC26XX SDK 安全漏洞
Texas Instruments LP-CC2652RB SimpleLink CC13XX CC26XX SDK is a software development kit from Texas Instruments, USA. A security vulnerability exists in Texas Instruments LP-CC2652RB SimpleLink CC13XX CC26XX SDK version 7.41.00.17, which originates from a denial of service due to the sending of a...
The vulnerability of the `easy_uci_set_option_string_0()` function in the `/cgi-bin/lighttpd.cgi` file of the LB-LINK BL-AC3600 router’s microprogramming system allows a hacker to execute arbitrary code.
The vulnerability of the easyucisetoptionstring0 function in the /cgi-bin/lighttpd.cgi file of the LB-LINK BL-AC3600 router microprogramming system is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability could allow an attacker operating...