Lucene search
K

252 matches found

FreeBSD
FreeBSD
added 2025/11/20 12:0 a.m.10 views

wolfssl -- multiple issues

wolfSSL blog reports: This release includes multiple fixes across TLS 1.2, TLS 1.3, X25519, XChaCha20-Poly1305, and PSK processing. Highlights include: A timing-side-channel issue in X25519 specifically affecting Xtensa-based ESP32 devices. Low-memory X25519 implementations are now the default fo...

8.2CVSS7.1AI score0.00408EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.3 views

Siemens SIMATIC S7-1500 Use After Free (CVE-2021-20232)

A flaw was found in gnutls. A use after free issue in clientsendparams in lib/ext/presharedkey.c may lead to memory corruption and other potential consequences. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 809...

9.8CVSS6.6AI score0.03444EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/10/15 2:11 p.m.10 views

CVE-2025-55083 Broken bounds check in Broken bounds check in _nx_secure_tls_process_clienthello_psk_extension()

In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check resulting it out by two out of bound read...

6.9CVSS0.00234EPSS
Exploits0References1
CVE
CVE
added 2025/10/15 2:11 p.m.15 views

CVE-2025-55083

CVE-2025-55083 affects NetX Duo (Eclipse Foundation ThreadX component) in versions before 6.4.4. A bound-check error leads to an out-of-bounds read (two units). Affected scope and impact are stated across multiple sources (NVD, Red Hat, OSV, CVE lists). Root cause: incorrect bound check in the re...

6.9CVSS6.5AI score0.00234EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/15 11:3 a.m.3 views

CVE-2025-55082 Potential out of bound read and info leak in_nx_secure_tls_psk_identity_find()

In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was a potential out of bound read in nxsecuretlsprocessclienthello because of a missing validation of PSK length provided in the user message...

6.9CVSS6.3AI score0.00234EPSS
Exploits0References1
CVE
CVE
added 2025/10/15 11:3 a.m.17 views

CVE-2025-55082

NetX Duo (Eclipse Foundation ThreadX) before 6.4.4 is affected by an out-of-bounds read in _nx_secure_tls_process_clienthello() due to missing validation of PSK length in the user message. This is described across multiple sources (NVD, Red Hat, OSV, CVE lists, CNNVD). The impact is a potential i...

6.9CVSS6.3AI score0.00234EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-4691

Malware in sbrugna...

2.1CVSS6.4AI score0.01895EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-4405

Malware in sbrugna...

9.3CVSS6.4AI score0.02582EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-17159

Malware in sbrugna...

5.9CVSS5.9AI score0.03038EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-44359

Malicious code in bioql PyPI...

9.1CVSS9AI score0.00541EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-37705

Malicious code in bioql PyPI...

6.8CVSS6.6AI score0.00525EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-52269

Malicious code in bioql PyPI...

10CVSS6.5AI score0.01811EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/09/05 12:0 a.m.5 views

ECOVACS robot vacuums 安全漏洞

ECOVACS robot vacuums is a line of vacuum cleaners from the Chinese company ECOVACS. A security vulnerability exists in ECOVACS robot vacuums that stems from insecure Wi-Fi communication using predictable WPA2-PSK...

6.3CVSS6.6AI score0.00202EPSS
Exploits0References3
OSV
OSV
added 2025/08/20 11:55 a.m.4 views

SUSE-SU-2025:20563-1 Security update for gnutls

This update for gnutls fixes the following issues: - CVE-2025-32988: Fixed double-free due to incorrect ownership handling bsc1246232 - CVE-2025-32989: Fixed heap buffer overread during X.509 certificate parsing bsc1246233 - CVE-2025-32990: Fixed 1-byte heap buffer overflow when parsing templates...

8.2CVSS6.8AI score0.01185EPSS
Exploits0References9
SUSE Linux
SUSE Linux
added 2025/08/20 11:49 a.m.3 views

Security update for gnutls

This update for gnutls fixes the following issues: CVE-2025-32988: Fixed double-free due to incorrect ownership handling bsc1246232 CVE-2025-32989: Fixed heap buffer overread during X.509 certificate parsing bsc1246233 CVE-2025-32990: Fixed 1-byte heap buffer overflow when parsing templates with...

9.2CVSS6.9AI score0.01185EPSS
Exploits0References16
RedhatCVE
RedhatCVE
added 2025/08/11 6:26 p.m.11 views

CVE-2025-8763

A vulnerability was found in Ruijie EG306MG 3.01B11P309. It has been rated as problematic. This issue affects some unknown processing of the file /etc/strongswan.conf of the component strongSwan. The manipulation of the argument idontcareaboutsecurityanduseaggressivemodepsk leads to missing...

6.3CVSS7AI score0.00148EPSS
Exploits0References1
CVE
CVE
added 2025/08/09 6:2 p.m.24 views

CVE-2025-8763

CVE-2025-8763 concerns Ruijie EG306MG 3.0(1)B11P309 where the strongSwan component processes the /etc/strongswan.conf file. The root cause is manipulation of the argument i_dont_care_about_security_and_use_aggressive_mode_psk, leading to missing encryption of sensitive data. The vulnerability can...

6.3CVSS6.9AI score0.00148EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/08/01 3:14 p.m.3 views

Security update for gnutls

This update for gnutls fixes the following issues: CVE-2025-6395: Fix NULL pointer dereference when 2nd Client Hello omits PSK bsc1246299 CVE-2025-32988: Fix double-free due to incorrect ownership handling in the export logic of SAN entries containing an otherName bsc1246232 CVE-2025-32989: Fix...

9.2CVSS7.2AI score0.01185EPSS
Exploits0References16
OSV
OSV
added 2025/08/01 3:14 p.m.4 views

SUSE-SU-2025:02595-1 Security update for gnutls

This update for gnutls fixes the following issues: - CVE-2025-6395: Fix NULL pointer dereference when 2nd Client Hello omits PSK bsc1246299 - CVE-2025-32988: Fix double-free due to incorrect ownership handling in the export logic of SAN entries containing an otherName bsc1246232 - CVE-2025-32989:...

8.2CVSS6AI score0.01185EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/07/21 12:0 a.m.3 views

PT-2025-30291 · Unknown +1 · Strongswan +1

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-WLC100P version 2.03b03 Description: The i dont care about security and use aggressive mode psk option is enabled in the strongSwan configuration file, allowing IKE Responders to use IKEv1 Aggressive Mode with Pre-Shared Keys. Th...

7.3CVSS6.5AI score0.00288EPSS
Exploits0References8
Rows per page
Query Builder