252 matches found
wolfssl -- multiple issues
wolfSSL blog reports: This release includes multiple fixes across TLS 1.2, TLS 1.3, X25519, XChaCha20-Poly1305, and PSK processing. Highlights include: A timing-side-channel issue in X25519 specifically affecting Xtensa-based ESP32 devices. Low-memory X25519 implementations are now the default fo...
Siemens SIMATIC S7-1500 Use After Free (CVE-2021-20232)
A flaw was found in gnutls. A use after free issue in clientsendparams in lib/ext/presharedkey.c may lead to memory corruption and other potential consequences. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 809...
CVE-2025-55083 Broken bounds check in Broken bounds check in _nx_secure_tls_process_clienthello_psk_extension()
In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check resulting it out by two out of bound read...
CVE-2025-55083
CVE-2025-55083 affects NetX Duo (Eclipse Foundation ThreadX component) in versions before 6.4.4. A bound-check error leads to an out-of-bounds read (two units). Affected scope and impact are stated across multiple sources (NVD, Red Hat, OSV, CVE lists). Root cause: incorrect bound check in the re...
CVE-2025-55082 Potential out of bound read and info leak in_nx_secure_tls_psk_identity_find()
In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was a potential out of bound read in nxsecuretlsprocessclienthello because of a missing validation of PSK length provided in the user message...
CVE-2025-55082
NetX Duo (Eclipse Foundation ThreadX) before 6.4.4 is affected by an out-of-bounds read in _nx_secure_tls_process_clienthello() due to missing validation of PSK length in the user message. This is described across multiple sources (NVD, Red Hat, OSV, CVE lists, CNNVD). The impact is a potential i...
EUVD-2005-4691
Malware in sbrugna...
EUVD-2007-4405
Malware in sbrugna...
EUVD-2018-17159
Malware in sbrugna...
EUVD-2023-44359
Malicious code in bioql PyPI...
EUVD-2023-37705
Malicious code in bioql PyPI...
EUVD-2022-52269
Malicious code in bioql PyPI...
ECOVACS robot vacuums 安全漏洞
ECOVACS robot vacuums is a line of vacuum cleaners from the Chinese company ECOVACS. A security vulnerability exists in ECOVACS robot vacuums that stems from insecure Wi-Fi communication using predictable WPA2-PSK...
SUSE-SU-2025:20563-1 Security update for gnutls
This update for gnutls fixes the following issues: - CVE-2025-32988: Fixed double-free due to incorrect ownership handling bsc1246232 - CVE-2025-32989: Fixed heap buffer overread during X.509 certificate parsing bsc1246233 - CVE-2025-32990: Fixed 1-byte heap buffer overflow when parsing templates...
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2025-32988: Fixed double-free due to incorrect ownership handling bsc1246232 CVE-2025-32989: Fixed heap buffer overread during X.509 certificate parsing bsc1246233 CVE-2025-32990: Fixed 1-byte heap buffer overflow when parsing templates with...
CVE-2025-8763
A vulnerability was found in Ruijie EG306MG 3.01B11P309. It has been rated as problematic. This issue affects some unknown processing of the file /etc/strongswan.conf of the component strongSwan. The manipulation of the argument idontcareaboutsecurityanduseaggressivemodepsk leads to missing...
CVE-2025-8763
CVE-2025-8763 concerns Ruijie EG306MG 3.0(1)B11P309 where the strongSwan component processes the /etc/strongswan.conf file. The root cause is manipulation of the argument i_dont_care_about_security_and_use_aggressive_mode_psk, leading to missing encryption of sensitive data. The vulnerability can...
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2025-6395: Fix NULL pointer dereference when 2nd Client Hello omits PSK bsc1246299 CVE-2025-32988: Fix double-free due to incorrect ownership handling in the export logic of SAN entries containing an otherName bsc1246232 CVE-2025-32989: Fix...
SUSE-SU-2025:02595-1 Security update for gnutls
This update for gnutls fixes the following issues: - CVE-2025-6395: Fix NULL pointer dereference when 2nd Client Hello omits PSK bsc1246299 - CVE-2025-32988: Fix double-free due to incorrect ownership handling in the export logic of SAN entries containing an otherName bsc1246232 - CVE-2025-32989:...
PT-2025-30291 · Unknown +1 · Strongswan +1
Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-WLC100P version 2.03b03 Description: The i dont care about security and use aggressive mode psk option is enabled in the strongSwan configuration file, allowing IKE Responders to use IKEv1 Aggressive Mode with Pre-Shared Keys. Th...