PT-2025-50637

Name of the Vulnerable Software and Affected Versions wolfSSL versions prior to 5.8.4 Description Certain constant-time implementations within wolfSSL may be altered by LLVM optimizations into non-constant-time binaries. This transformation can introduce observable timing discrepancies, potential...

wolfSSL 安全漏洞

wolfSSL CyaSSL is a small, portable embedded SSL programming library for use by embedded systems developers from wolfSSL, Inc. in the United States. A security vulnerability exists in wolfSSL that stems from compiler optimizations and time-side channels introduced by CPU architectural limitations...

MGASA-2025-0295 Updated botan2 packages fix security vulnerability

Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna128 used in Chacha-Poly1305 and x25519. An addition can be skipped if a carry is not set. This was observed for GCC 11.3.0 with -O2 on MIPS, and GCC on x86-i38...

Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2020-9327)

In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...

EUVD-2020-30148

Malware in sbrugna...

EUVD-2018-0126

Malware in sbrugna...

EUVD-2023-34885

Malicious code in bioql PyPI...

EUVD-2024-52504

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-52496

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a...

SUSE CVE-2025-52496

Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery...

DEBIAN-CVE-2025-52496

Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery...

CVE-2025-52496

Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery...

CVE-2025-52496

Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery...

Fedora 41 : glibc (2025-e489437b3d)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-e489437b3d advisory. This update contains the following bug fixes and enhancements: String function register clobbers specific to POWER10 machines CVE-2025-5702,...

Cost-Effective Optimization and Implementation of the CRT-Paillier Decryption Algorithm for Enhanced Performance

To address the privacy protection problem in cloud computing, privacy enhancement techniques such as the Paillier additive homomorphism algorithm are receiving widespread attention. Paillier algorithm allows addition and scalar multiplication operations in dencrypted state, which can effectively...

TencentOS Server 3: firefox (TSSA-2024:0129)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0129 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVE-2024-54384

Missing Authorization vulnerability in Anh Tran Falcon – WordPress Optimizations & Tweaks falcon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Falcon – WordPress Optimizations & Tweaks: from n/a through = 2.8.3...

CVE-2023-30470

A use-after-free related to unsound inference in the bytecode generation when optimizations are enabled for Hermes prior to commit da8990f737ebb9d9810633502f65ed462b819c09 could have been used by an attacker to achieve remote code execution. Note that this is only exploitable in cases where Herme...

Spring Data Ahead of Time Repositories

In the past couple of years we have seen heavy investment throughout the Java ecosystem to reduce application startup times. The main focus gravitates around Ahead-of-Time optimizations. May it be condensing code into a GraalVM native executable, capturing already optimized bytecode with...

Unbreakable Enterprise kernel security update

5.15.0-308.179.6.2 - x86/bhi: Do not set BHIDISS in 32-bit mode Pawan Gupta Orabug: 37920681 - x86/bpf: Add IBHF call at end of classic BPF Daniel Sneddon Orabug: 37920681 - x86/bpf: Call branch history clearing sequence on exit Daniel Sneddon Orabug: 37920681 - selftest/x86/bugs: Add selftests f...