Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: xfrm: Validates the prefix length of new SA entries using the SA family, when sel.family is unset. This extends the validation introduced in commit 07bf7908950a “xfrm: Validates address prefix lengths in the xfrm selector”. The...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: In brcmfmac, cfg80211: Handle PMKSA deletion based on the SSID. wpasupplicant 2.11 sends commands for PMKSA flush based on the SSID from version 1efdba5fdc2c statement: “Handle PMKSA flush in the driver for SAE/OWE offlo...

RLSA-2023:7052 Moderate: libreswan security update

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network VPN...

CVE-2025-62514

Parsec is a cloud-based application for cryptographically secure file sharing. In versions on the 3.x branch prior to 3.6.0, libparseccrypto, a component of the Parsec application, does not check for weak order point of Curve25519 when compiled with its RustCrypto backend. In practice this means ...

Microsoft announces the 2026 Security Excellence Awards winners

In today’s fast‑moving digital arena, security isn’t a solo act—it’s a team sport. Every day, defenders across the globe suit up, strategize, and work shoulder‑to‑shoulder to protect organizations and communities from an ever‑evolving field of cyberthreats. That shared spirit of collaboration is...

CVE-2026-22027

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, the converthexstringtobytearray function in th...

CVE-2025-36118

IBM Storage Virtualize 8.4, 8.5, 8.7, and 9.1 IKEv1 implementation allows remote attackers to obtain sensitive information from device memory via a Security Association SA negotiation request...

CVE-2025-36118

IBM Storage Virtualize 8.4, 8.5, 8.7, and 9.1 IKEv1 implementation allows remote attackers to obtain sensitive information from device memory via a Security Association SA negotiation request...

CVE-2025-36118 IBM Storage Virtualize Information Disclosure

IBM Storage Virtualize 8.4, 8.5, 8.7, and 9.1 IKEv1 implementation allows remote attackers to obtain sensitive information from device memory via a Security Association SA negotiation request...

PT-2025-47207

Name of the Vulnerable Software and Affected Versions IBM Storage Virtualize versions 8.4 through 9.1 Description The IKEv1 implementation contains a flaw that could allow remote attackers to obtain sensitive information from device memory during a Security Association SA negotiation request...

EUVD-2020-12522

Malware in sbrugna...

EUVD-2002-1090

Malware in sbrugna...

EUVD-2006-0909

Malware in sbrugna...

EUVD-2025-13901

Malicious code in bioql PyPI...

EUVD-2025-29057

Malicious code in bioql PyPI...

AZL-70760 CVE-2025-39797 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: xfrm: Duplicate SPI Handling The issue originates when Strongswan initiates an XFRMMSGALLOCSPI Netlink message, which triggers the kernel function xfrmallocspi. This function is expected to ensure uniqueness of the Security...

CVE-2021-23039

On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.2.8, and all versions of 13.1.x and 12.1.x, when IPSec is configured on a BIG-IP system, undisclosed requests from an authorized remote IPSec peer, which already has a negotiated Security Association, can cause the Traffi...

kernel: bonding: fix xfrm real_dev null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm realdev null pointer dereference We shouldn't set realdev to NULL because packets can be in transit and xfrm might call xdodevoffloadok in parallel. All callbacks assume realdev is set. Example trace: kernel: BU...

CVE-2025-20192

A vulnerability in the Internet Key Exchange version 1 IKEv1 implementation of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service DoS condition. The attacker must have valid IKEv1 VPN credentials to exploit this vulnerability. This vulnerability is du...

CVE-2025-20192

Summary: CVE-2025-20192 affects Cisco IOS XE Software. It is a vulnerability in the IKEv1 implementation where improper validation of IKEv1 phase 2 parameters before handing off to the hardware cryptographic accelerator can allow an authenticated, remote attacker with valid IKEv1 VPN credentials ...