Astra Linux - уязвимость в firefox

A transient execution vulnerability, named Floating Point Value Injection FPVI, allowed attackers to leak arbitrary memory addresses and may have also enabled JIT type confusion attacks. A related vulnerability, Speculative Code Store Bypass SCSB, did not affect Firefox. This vulnerability affect...

Floating Point Value Injection (FPVI) Variant in AMD CPUs

Summary Researchers shared with AMD a report titled “TREVEX: A Black-Box Detection Framework For Data-Flow Transient Execution Vulnerabilities.” The researchers' paper introduced a Floating-Point Value Injection FPVI variant, which could allow an attacker with a deep understanding of...

SUSE CVE-2025-8556

A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange...

EUVD-2021-13120

Malware in sbrugna...

EUVD-2025-23815

Malicious code in bioql PyPI...

CVE-2025-34235 Vasion Print (formerly PrinterLogic) Weak SSL/TLS Certificate Validation RCE

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 Windows client deployments contain a registry key that can be enabled by administrators, causing the client to skip SSL/TLS certificate validation. An attacker who can...

GHSA-522R-9946-FW43 Duplicate Advisory: CIRCL-Fourq: Missing and wrong validation can lead to incorrect results

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-2x5j-vhc8-9cwm. This link is maintained to preserve external references. Original Description A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to...

CVE-2025-8556

A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange...

CVE-2025-8556

A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange...

CVE-2025-8556

A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange. Mitigation Mitigation for this issue is either not availabl...

CISA Adds Eight Known Exploited Vulnerabilities to Catalog

CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2019-17621 D-Link DIR-859 Router Command Execution Vulnerability CVE-2019-20500 D-Link DWL-2600AP Access Point Command Injection Vulnerability CVE-2021-25487...

CVE-2021-26314

Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage...

Design/Logic Flaw

Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage...

PT-2021-17000 · Amd +11 · All Supported Processors +8

Name of the Vulnerable Software and Affected Versions: All supported CPU products affected versions not specified Description: The issue concerns potential floating point value injection in CPU products, which, when combined with software vulnerabilities related to speculative execution, can lead...