Lucene search
K

1340 matches found

Fedora
Fedora
added 2026/05/15 2:34 a.m.14 views

[SECURITY] Fedora 44 Update: rust-sequoia-sop-0.37.3-3.fc44

An implementation of the Stateless OpenPGP Interface using Sequoia...

5.8AI score
Exploits0
Fedora
Fedora
added 2026/05/15 2:34 a.m.11 views

[SECURITY] Fedora 44 Update: rust-rpm-sequoia-1.10.2-2.fc44

An implementation of the RPM PGP interface using Sequoia...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.9 views

Unity Linux 20.1060e / 20.1070e Security Update: libgcrypt (UTSA-2026-017573)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017573 advisory. Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpipowm, and...

7.5CVSS6.8AI score0.02342EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.9 views

Unity Linux 20.1060e / 20.1070e Security Update: libgcrypt (UTSA-2026-017437)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017437 advisory. The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous...

5.9CVSS6.7AI score0.01423EPSS
Exploits1References4
OSV
OSV
added 2026/05/06 9:49 p.m.7 views

GHSA-2P6R-X3VV-XQM2 rpassword affected by partial password reveal when input is interrupted

rpassword maintainers were made aware of a possible issue with a partial password reveal when input is interrupted. To quote @squell: @conradkleinespel I've confirmed this problem with SequoiaPGP, which I think uses rpassword, e.g.: Suppose we use pkill -9 sq in a different terminal right after t...

3.8CVSS5.7AI score
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/05/05 7:56 a.m.22 views

Important: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 update is now available (RHBQ 3.27.3.SP1)

An update for Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 update is now available RHBQ 3.27.3.SP1. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Red Hat Product...

9.3CVSS5.9AI score0.00758EPSS
Exploits0References13
OSV
OSV
added 2026/05/02 1:16 a.m.18 views

CLSA-2026-1777545003 rpm: Fix of CVE-2021-3521

CVE-2021-3521: validate and require subkey binding signatures on PGP public keys...

4.7CVSS6.7AI score0.00302EPSS
Exploits0References1
OSV
OSV
added 2026/04/30 8:56 a.m.8 views

CLSA-2026-1777539405 rpm: Fix of CVE-2021-3521

CVE-2021-3521: validate and require subkey binding signatures on PGP public keys...

4.7CVSS6.7AI score0.00302EPSS
Exploits0References1
OSV
OSV
added 2026/04/30 8:51 a.m.11 views

CLSA-2026-1777539108 rpm: Fix of CVE-2021-3521

CVE-2021-3521: validate and require subkey binding signatures on PGP public keys...

4.7CVSS5.8AI score0.00302EPSS
Exploits0References1
Fedora
Fedora
added 2026/04/30 1:21 a.m.8 views

[SECURITY] Fedora 43 Update: rust-rpm-sequoia-1.10.2-1.fc43

An implementation of the RPM PGP interface using Sequoia...

5.5CVSS5.2AI score0.00085EPSS
Exploits0
SUSE Linux
SUSE Linux
added 2026/04/28 11:10 a.m.10 views

Security update for bouncycastle

This update for bouncycastle fixes the following issues: Update to version 1.84. Security issues fixed: CVE-2025-14813: GOSTCTR implementation unable to process more than 255 blocks correctly bsc1262225. CVE-2026-0636: LDAP injection in LDAPStoreHelper.java leads to information disclosure...

8.8CVSS5.7AI score0.00758EPSS
Exploits0References20
OSV
OSV
added 2026/04/24 3:54 p.m.5 views

SUSE-SU-2026:21404-1 Security update for bouncycastle

This update for bouncycastle fixes the following issues: - Update to version 1.84: - CVE-2025-14813: GOSTCTR implementation unable to process more than 255 blocks correctly bsc1262225. - CVE-2026-0636: LDAP Injection Vulnerability in LDAPStoreHelper.java bsc1262226. - CVE-2026-3505: Unbounded PGP...

9.9CVSS5.8AI score0.00758EPSS
Exploits0References11
vulnersOsv
vulnersOsv
added 2026/04/17 6:31 p.m.7 views

io.github.epi155:promethium-pgp-jdk5 (=0.5-B1), io.github.hWorblehat:nexus3-external-auth-plugin (=0.1.0) +220 more potentially affected by CVE-2026-3505 via org.bouncycastle:bcpg-jdk15to18 (>=1.65 <=1.82)

org.bouncycastle:bcpg-jdk15to18 MAVEN version =1.65, =4.5.0-alpha2, =4.5.0-alpha2, =4.5.0-alpha2, =4.5.0-alpha2, =4.5.0-beta3, =4.5.0-alpha2, =4.5.0-alpha2, =4.5.0-alpha2, =4.5.0-alpha2, =1.9.0, =1.9.0, =1.9.0, =1.9.0, =1.10.0 and more Source cves: CVE-2026-3505 Source advisory:...

8.7CVSS5.8AI score0.00758EPSS
Exploits0
EUVD
EUVD
added 2026/04/17 6:31 p.m.26 views

EUVD-2026-22855

Allocation of resources without limits or throttling vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all pg modules.This issue affects BC-JAVA: before 1.84. Unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion...

8.7CVSS5.8AI score0.00758EPSS
Exploits0References3
OSV
OSV
added 2026/04/17 1:7 p.m.7 views

JLSEC-2026-124

The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's...

5.9CVSS7.2AI score0.01423EPSS
Exploits1References10
vulnersOsv
vulnersOsv
added 2026/04/15 10:13 a.m.8 views

io.github.epi155:promethium-pgp-jdk5 (=0.5-B1), io.github.hWorblehat:nexus3-external-auth-plugin (=0.1.0) +220 more potentially affected by CVE-2026-3505 via org.bouncycastle:bcpg-jdk15to18 (>=1.65 <=1.82)

org.bouncycastle:bcpg-jdk15to18 MAVEN version =1.65, =4.5.0-alpha2, =4.5.0-alpha2, =4.5.0-alpha2, =4.5.0-alpha2, =4.5.0-beta3, =4.5.0-alpha2, =4.5.0-alpha2, =4.5.0-alpha2, =4.5.0-alpha2, =1.9.0, =1.9.0, =1.9.0, =1.9.0, =1.10.0 and more Source cves: CVE-2026-3505 Source advisory:...

8.7CVSS5.8AI score0.00758EPSS
Exploits0
Snyk
Snyk
added 2026/04/15 10:13 a.m.6 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the AEADEncDataPacket parser in AEADEncDataPacket.java. An attacker can crash packet parsing by supplying an AEAD-encrypted OpenPGP packet with an out-of-range chunk size valu...

8.7CVSS5.7AI score0.00758EPSS
Exploits0References2
CVE
CVE
added 2026/04/15 9:6 a.m.38 views

CVE-2026-3505

CVE-2026-3505 describes an Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle BC-JAVA bcpg modules. The issue affects the BC-JAVA package (all pg modules) and is tied to specific code paths including AEADEncDataPacket.java, BcAEADUtil.java, JceAEADUtil.java, and Operat...

8.7CVSS5.8AI score0.00758EPSS
Exploits0References10
OSV
OSV
added 2026/04/03 7:17 p.m.3 views

UBUNTU-CVE-2026-2625

A flaw was found in rust-rpm-sequoia. An attacker can exploit this vulnerability by providing a specially crafted Red Hat Package Manager RPM file. During the RPM signature verification process, this crafted file can trigger an error in the OpenPGP signature parsing code, leading to an...

5.5CVSS5.8AI score0.00085EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/03 10:58 a.m.5 views

CVE-2026-29138

SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to claim another user's PGP signature as their own...

7.5CVSS5.9AI score0.00217EPSS
Exploits0References1
Rows per page
Query Builder