CVE-2026-35089

In Slican telephone exchanges secure key is generated in a predictable manner using properties of the telephone exchange which can be obtained without authentication. An unauthenticated attacker can deduce the secure key and obtain admin credentials. This issue was fixed in versions below: - IPx...

CVE-2026-35089 Use of Weak Credentials in Slican telephone exchanges

In Slican telephone exchanges secure key is generated in a predictable manner using properties of the telephone exchange which can be obtained without authentication. An unauthenticated attacker can deduce the secure key and obtain admin credentials. This issue was fixed in versions below: - IPx...

Secure (Multiple) Key-Cast over Networks: Multiple Eavesdropping Nodes

We study the secure multiple key-cast problem over noiseless networks under node-based eavesdroppers, where one or more source nodes participate in the generation of distinct secret keys to be shared among designated terminal subsets, while an eavesdropper observing up to $\ell$ nodes, including...

Astra Linux - уязвимость в linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures on failure Wipe all sensitive data from stack for all IOCTLs, which convert a clear-key into a protected- or secure-key...

SUSE-SU-2026:1520-1 Security update 5.1.3 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-lusitaniae-apacheexporter: - Internal changes to fix build issues with no impact for customers spacecmd: - Version 5.1.13-0 Updated translation strings uyuni-tools: - Version 5.1.26-0 Fixed applying PTF with images from RPMs bsc1252548 Ssl Key...

PT-2026-5979

Name of the Vulnerable Software and Affected Versions FUXA version 1.2.7 Description The application uses a hard-coded secret key to sign and verify JWT Tokens. This allows remote attackers to forge valid admin tokens and bypass authentication, potentially gaining full administrative access. The...

CVE-2024-34717

PrestaShop is an open source e-commerce web application. In PrestaShop 8.1.5, any invoice can be downloaded from front-office in anonymous mode, by supplying a random securekey parameter in the url. This issue is patched in version 8.1.6. No known workarounds are available...

Processing Entangled Links into Secure Cryptographic Keys

The following paper presents a holistic approach to the processing of entangled links within entanglement based quantum key distribution protocols, whose security relies on the Bell inequality. We investigate the interactions, and the collective impact, of the whole processing chain on the final...

EUVD-2024-1499

Malicious code in bioql PyPI...

EUVD-2021-27507

Malicious code in bioql PyPI...

Exploring Satellite Quantum Key Distribution under Atmospheric Constraints

Satellite Quantum Key Distribution creates a pathway for secure global communication with a level of security that is peerless. However, ground-to-satellite Quantum Key Distribution links are degraded due to the atmospheric turbulence. This paper gives a numerical framework using angular spectrum...

Secure User-Friendly Blockchain Modular Wallet Design Using Android and OP-TEE

Emerging crypto economies still hemorrhage digital assets because legacy wallets leak private keys at almost every layer of the software stack, from user-space libraries to kernel memory dumps. This paper solves that twin crisis of security and interoperability by re-imagining key management as a...

CVE-2024-42156

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures on failure Wipe all sensitive data from stack for all IOCTLs, which convert a clear-key into a protected- or secure-key...

AZL-47361 CVE-2024-42156 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures on failure Wipe all sensitive data from stack for all IOCTLs, which convert a clear-key into a protected- or secure-key...

UBUNTU-CVE-2024-42156

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures on failure Wipe all sensitive data from stack for all IOCTLs, which convert a clear-key into a protected- or secure-key...

CVE-2024-42156

The CVE-2024-42156 issue concerns the Linux kernel s390/pkey code, where copies of clear-key structures are wiped on failure. The underlying flaw wipes sensitive data from the stack for all IOCTLs converting a clear-key into a protected- or secure-key, exposing confidentiality risk. Documents con...

PT-2024-26131 · Unknown · Prestashop

Name of the Vulnerable Software and Affected Versions: PrestaShop version 8.1.5 Description: PrestaShop is an open source e-commerce web application. The issue allows any invoice to be downloaded from the front-office in anonymous mode by supplying a random secure key parameter in the url...

BIT-AIRFLOW-2023-40273 Session fixation in Apache Airflow web interface

The session fixation vulnerability allowed the authenticated user to continue accessing Airflow webserver even after the password of the user has been reset by the admin - up until the expiry of the session of the user. Other than manually cleaning the session database for database session backen...

CVE-2023-40273

The session fixation vulnerability allowed the authenticated user to continue accessing Airflow webserver even after the password of the user has been reset by the admin - up until the expiry of the session of the user. Other than manually cleaning the session database for database session backen...

CVE-2023-40273

The session fixation vulnerability allowed the authenticated user to continue accessing Airflow webserver even after the password of the user has been reset by the admin - up until the expiry of the session of the user. Other than manually cleaning the session database for database session backen...