99 matches found
Astra Linux - уязвимость в golang-1.19
The ScalarMult and ScalarBaseMult methods of the P256 Curve may return incorrect results if called with certain specific unreduced scalars scalars that are larger than the order of the curve. This does not affect the usage of crypto/ecdsa or crypto/ecdh...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed an improper scalar handling in the maybeforkscalars function for BPFOR. The maybeforkscalars function is called for both BPFAND and BPFOR when the source operand is a constant. When dst has a signed range of -1, 0, it...
CVE-2026-31413
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix unsound scalar forking in maybeforkscalars for BPFOR maybeforkscalars is called for both BPFAND and BPFOR when the source operand is a constant. When dst has signed range -1, 0, it forks the verifier state: the pushed pa...
CVE-2026-31413
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix unsound scalar forking in maybeforkscalars for BPFOR maybeforkscalars is called for both BPFAND and BPFOR when the source operand is a constant. When dst has signed range -1, 0, it forks the verifier state: the pushed pa...
CVE-2026-31413
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix unsound scalar forking in maybeforkscalars for BPFOR maybeforkscalars is called for both BPFAND and BPFOR when the source operand is a constant. When dst has signed range -1, 0, it forks the verifier state: the pushed pa...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a scalar fork logic error in the BPFOR instruction within the maybeforkscalars function. This error may...
Improper Verification of Cryptographic Signature
Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to improper validation of the wcVerifyEccsiHash process. An attacker can bypass signature verification and impersonate any identity by submitting crafted signatures containing invalid...
CVE-2019-18602
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability because uninitialized scalars are sent over the network to a peer...
EUVD-2025-203688
In the Linux kernel, the following vulnerability has been resolved: bpf: account for current allocated stack depth in widenimprecisescalars The usage pattern for widenimprecisescalars looks as follows: prevst = findpreventryenv, ...; queuedst = pushstack...; widenimprecisescalarsenv, prevst,...
CVE-2025-68208
In the Linux kernel, the following vulnerability has been resolved: bpf: account for current allocated stack depth in widenimprecisescalars The usage pattern for widenimprecisescalars looks as follows: prevst = findpreventryenv, ...; queuedst = pushstack...; widenimprecisescalarsenv, prevst,...
CVE-2025-68208
In the Linux kernel, the following vulnerability has been resolved: bpf: account for current allocated stack depth in widenimprecisescalars The usage pattern for widenimprecisescalars looks as follows: prevst = findpreventryenv, ...; queuedst = pushstack...; widenimprecisescalarsenv, prevst,...
UBUNTU-CVE-2025-68208
In the Linux kernel, the following vulnerability has been resolved: bpf: account for current allocated stack depth in widenimprecisescalars The usage pattern for widenimprecisescalars looks as follows: prevst = findpreventryenv, ...; queuedst = pushstack...; widenimprecisescalarsenv, prevst,...
CVE-2025-68208
CVE-2025-68208 (Linux kernel) is a root-cause variability in BPF widen_imprecise_scalars() where prev_st may have different allocated_stack depth than queued_st, risking out-of-bounds access to bpf_verifier_state->frame[*]->stack. The issue has been resolved in kernel updates referenced by ...
CVE-2025-68208 bpf: account for current allocated stack depth in widen_imprecise_scalars()
In the Linux kernel, the following vulnerability has been resolved: bpf: account for current allocated stack depth in widenimprecisescalars The usage pattern for widenimprecisescalars looks as follows: prevst = findpreventryenv, ...; queuedst = pushstack...; widenimprecisescalarsenv, prevst,...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from widenimprecisescalars not taking into account the currently allocated stack depth, which could lead to...
PT-2025-51621
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the widen imprecise scalars function related to stack depth accounting. The function does not properly account for differences in allocated stac...
Siemens SIMATIC S7-1500 Out-of-bounds Write (CVE-2021-20305)
A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions GOST DSA, EDDSA & ECDSA result in the Elliptic Curve Cryptography point ECC multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allow...
EUVD-2019-8336
Malware in sbrugna...
EUVD-2025-3034
Malicious code in bioql PyPI...
EUVD-2023-0995
Malicious code in bioql PyPI...