CVE-2025-21482

CVE-2025-21482 describes a cryptographic issue in Qualcomm closed‑source components related to RSA PKCS padding decoding. The CVE is listed as High severity with Local attack vector, Low attack complexity, Low privileges required, and no user interaction, with impacts on Confidentiality and Integ...

CVE-2025-21482 Cryptographic Issues in Core

Cryptographic issue while performing RSA PKCS padding decoding...

CVE-2025-21482 Cryptographic Issues in Core

Cryptographic issue while performing RSA PKCS padding decoding...

Qualcomm Chipsets 加密问题漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A cryptographic issue vulnerability exists in Qualcomm Chipsets that stems from a cryptographic issue when performing RSA PKCS padding decoding...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from not properly handling padding bits when decoding RTP packet headers, which could lead to information disclosure...

PT-2025-39270

Name of the Vulnerable Software and Affected Versions versions affected versions not specified Description An information disclosure issue exists while decoding Real-time Transport Protocol RTP packet headers received by a User Equipment UE from the network when the padding bit is set...

PT-2025-39267

Name of the Vulnerable Software and Affected Versions Affected versions not specified Description A cryptographic issue exists during RSA PKCS padding decoding. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability...

Inference Attacks on Encrypted Online Voting Via Traffic Analysis

Online voting enables individuals to participate in elections remotely, offering greater efficiency and accessibility in both governmental and organizational settings. As this method gains popularity, ensuring the security of online voting systems becomes increasingly vital, as the systems...

PT-2025-44146

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue related to insufficient access checks within the bpf sock addr structure. Specifically, the sock addr is valid access function did not explicitly rejec...

Erlang/OTP (Erlang OTP) TLS 1.0 Missing CBC Padding Check Vulnerability (GHSA-ffrq-5rxw-xj5m) - Linux

Erlang/OTP Erlang OTP is prone to a TLS 1.0 missing CBC padding check vulnerability in the ssl component. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Erlang/OTP (Erlang OTP) TLS 1.0 Missing CBC Padding Check Vulnerability (GHSA-ffrq-5rxw-xj5m) - Windows

Erlang/OTP Erlang OTP is prone to a TLS 1.0 missing CBC padding check vulnerability in the ssl component. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Linux Distros Unpatched Vulnerability : CVE-2020-26263

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tlslite-ng is an open source python library that implements SSL and TLS cryptographic protocols. In tlslite-ng before versions 0.7.6 and 0.8.0-alpha39, the code...

EulerOS 2.0 SP12 : shim (EulerOS-SA-2025-2058)

According to the versions of the shim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in...

CVE-2025-41039 Stored Cross-Site Scripting vulnerability in appRain CMF

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'datasconfigadminlandingpage', 'datasconfigcurrency', 'datasconfigdbversion', 'datasconfigdefaultpagination',...

The verify function in the RSA package for Python (Python-RSA) before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack.

...

Linux Distros Unpatched Vulnerability : CVE-2015-7827

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Botan before 1.10.13 and 1.11.x before 1.11.22 make it easier for remote attackers to conduct million- message attacks by measuring time differences, related to...

Linux Distros Unpatched Vulnerability : CVE-2025-38613

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - staging: gpib: fix unset padding field copy back to userspace The introduction of a padding field in the gpibboardinfoioctl is showing up as initialized data on...

CVE-2025-7071

Padding oracle attack vulnerability in Oberon microsystem AG’s ocrypto library in all versions since 3.1.0 and prior to 3.9.2 allows an attacker to recover plaintexts via timing measurements of AES-CBC PKCS7 decrypt operations...

CVE-2025-9071

Erroneously using an all-zero seed for RSA-OEAP padding instead of the generated random bytes, in Oberon microsystems AG’s Oberon PSA Crypto library in all versions up to 1.5.1, results in deterministic RSA and thus in a loss of confidentiality for guessable messages, recognition of repeated...

CVE-2025-7383

Padding oracle attack vulnerability in Oberon microsystem AG’s Oberon PSA Crypto library in all versions since 1.0.0 and prior to 1.5.1 allows an attacker to recover plaintexts via timing measurements of AES-CBC PKCS7 decrypt operations...