liboqs 信息泄露漏洞

liboqs is an Open Quantum Safe open source C library for quantum-safe cryptographic algorithms. An information disclosure vulnerability exists in liboqs versions prior to 0.14.0, which stems from a secret dependency branch in the HQC key wrapping mechanism...

pqc_kyber KyberSlash: division timings depending on secrets

Various Kyber software libraries in various environments leak secret information into timing, specifically because these libraries include a line of code that divides a secret numerator by a public denominator, the number of CPU cycles for division in various environments varies depending on the...

Not safe transferFrom

Lines of code Vulnerability details Impact The Safe library says: @dev Caution! This library won't check that a token has code, responsibility is delegated to the caller. But this check is not made in Swivel contract, so the Safe library it's prone to phantom methods attacks. Supposedly it is a...

FreeBSD OpenSSH DoS

Race condition because of invalid thread-safe library linking...

Important: Red Hat Security Advisory: mysql security update

Updated packages are available that fix both a double-free security vulnerability and a remote root exploit security vulnerability found in the MySQL server. Updated 11 Aug 2003 Updated mysqlclient9 packages are now included. These were previously missing from this erratum. MySQL is a multi-user,...