GPS As a Key Distribution Platform

This is interesting: The U.S. military has likely been quietly broadcasting codes for its global encryption network using public GPS for nearly 20 years, turning each satellite into a hidden "numbers station," according to Steven Murdoch… That means every device that uses GPS has been receiving...

MiracleLinux 9 : libssh-0.10.4-11.el9 (AXSA:2023-6991:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6991:04 advisory. libssh: NULL pointer dereference during rekeying with algorithm guessing CVE-2023-1667 libssh: authorization bypass in pkiverifydatasignature...

MiracleLinux 8 : libssh-0.9.6-10.el8 (AXSA:2023-6150:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6150:03 advisory. libssh: NULL pointer dereference during rekeying with algorithm guessing CVE-2023-1667 libssh: authorization bypass in pkiverifydatasignature...

MiracleLinux 8 : libssh-0.9.6-3.el8 (AXSA:2022-3399:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3399:01 advisory. libssh: possible heap-based buffer overflow when rekeying CVE-2021-3634 Tenable has extracted the preceding description block directly from the MiracleLinux...

CVE-2025-9614

CVE-2025-9614 is part of PCIe IDE vulnerabilities described in multiple sources (PCI-SIG/PCIe IDE spec). The issue: insufficient guidance on re-keying/stream flushing during device rebinding can allow stale writes from one security context to be processed in a new one, compromising confidentialit...

PCI-SIG PCI Express Integrity and Data Encryption 安全漏洞

PCI-SIG PCI Express Integrity and Data Encryption is a data encryption software from PCI-SIG, USA. A security vulnerability exists in PCI-SIG PCI Express Integrity and Data Encryption that stems from insufficient re-keying and stream refresh guidance during device rebinding, which could result in...

EUVD-2014-2375

Malware in sbrugna...

Oracle Linux 9 : gnutls (ELSA-2025-20606)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20606 advisory. 3.8.3-6.2fips - Add FIPS package change: add fips suffix to Release and set Epoch to 10 Orabug: 35925409 - Update FIPS module name for Oracle Linux...

Oracle Linux 9 : gnutls (ELSA-2025-16116)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-16116 advisory. 3.8.3-6.2 - keyupdate: rework the rekeying logic RHEL-107498 3.8.3-6.1 - Fix CVE-2025-32988, CVE-2025-32989, CVE-2025-32990, and CVE-2025-6395 Tenable...

gnutls security, bug fix, and enhancement update

3.8.3-6.2 - keyupdate: rework the rekeying logic RHEL-107498 3.8.3-6.1 - Fix CVE-2025-32988, CVE-2025-32989, CVE-2025-32990, and CVE-2025-6395...

Fedora 41 : gnutls (2025-814d6183dd)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-814d6183dd advisory. This updates gnutls to the latest upstream release. Notable changes are: PKCS11 cryptographic provider support Support for kTLS rekeying with kernel 6.14+...

Fedora 42 : gnutls (2025-16a24364ce)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-16a24364ce advisory. This updates gnutls to the latest upstream release. Notable changes are: PKCS11 cryptographic provider support Support for kTLS rekeying with kernel...

CVE-2019-1582

Memory corruption in PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier will allow an administrative user to cause arbitrary memory corruption by rekeying the current client interactive session...

libssh: NULL pointer dereference during rekeying with algorithm guessing

A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service...

libssh: NULL pointer dereference during rekeying with algorithm guessing

A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service...

Moderate: Red Hat Security Advisory: libssh security update

An update for libssh is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

ALSA-2023:6643 Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: NULL pointer dereference during rekeying with algorithm guessing CVE-2023-1667 libssh: authorization bypass in pkiverifydatasignature CVE-2023-2283 For more...

Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: NULL pointer dereference during rekeying with algorithm guessing CVE-2023-1667 libssh: authorization bypass in pkiverifydatasignature CVE-2023-2283 For more...

libssh: NULL pointer dereference during rekeying with algorithm guessing

A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service...

Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: NULL pointer dereference during rekeying with algorithm guessing CVE-2023-1667 libssh: authorization bypass in pkiverifydatasignature CVE-2023-2283 For more...