JLSEC-2026-26

A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters, an opportuni...

Security Parameter Analysis of the LINEture Post-Quantum Digital Signature Scheme

This paper presents a comprehensive cryptographic analysis of the security parameters of the LINEture post-quantum digital signature scheme, which is constructed using matrix algebra over elementary abelian 2-groups. We investigate the influence of three principal parameters. First, the word size...

RejSCore: Rejection Sampling Core for Multivariate-Based Public Key Cryptography

Post-quantum multivariate public key cryptography MPKC schemes resist quantum threats but require heavy operations, such as rejection sampling, which challenge resource-limited devices. Prior hardware designs have addressed various aspects of MPKC signature generation. However, rejection sampling...

CVE-2025-55087

In NextX Duo's snmp addon versions before 6.4.4, a part of the Eclipse Foundation ThreadX, an attacker could cause an out-of-bound read by a crafted SNMPv3 security parameters...

CVE-2025-55087

In NextX Duo's snmp addon versions before 6.4.4, a part of the Eclipse Foundation ThreadX, an attacker could cause an out-of-bound read by a crafted SNMPv3 security parameters...

CVE-2025-55087

Summary of CVE-2025-55087 (CVE-2025-55087) : The vulnerability affects NextX Duo’s SNMP addon (part of Eclipse ThreadX) in versions prior to 6.4.4. An attacker could trigger an out-of-bounds read by sending crafted SNMPv3 security parameters. Public data from NVD and other sources describe the sa...

CVE-2025-55087

In NextX Duo's snmp addon versions before 6.4.4, a part of the Eclipse Foundation ThreadX, an attacker could cause an out-of-bound read by a crafted SNMPv3 security parameters...

EUVD-2019-5017

Malware in sbrugna...

EUVD-2019-5239

Malware in sbrugna...

EUVD-2025-19715

Malicious code in bioql PyPI...

EUVD-2022-29056

Malicious code in bioql PyPI...

EUVD-2025-25038

Malicious code in bioql PyPI...

EUVD-2025-22125

Malicious code in bioql PyPI...

CVE-2025-44649

The CVE-2025-44649 entry affects TRENDnet TEW-WLC100P 2.03b03, where the racoon configuration uses exchage_mode = aggressive in IKE Phase 1. This exposes identity information in plaintext and is vulnerable to offline dictionary attacks, while limiting security-parameter negotiation. CVSS v3.1 bas...

PT-2025-30306 · Trendnet · Trendnet Tew-Wlc100P

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-WLC100P version 2.03b03 Description: The configuration of racoon within the device sets the exchage mode to aggressive. Utilizing aggressive mode in IKE Phase 1 results in the exposure of identity information in plaintext, making...

PT-2025-27634 · Dataease · Dataease

Name of the Vulnerable Software and Affected Versions: DataEase versions prior to 2.10.11 Description: DataEase is an open source business intelligence and data visualization tool. The issue lies in parameters like sslfactory and sslfactoryarg, which have similar functionality to socketfactory an...

CVE-2022-24145

Tenda AX3 v16.03.12.10CN was discovered to contain a stack overflow in the function formWifiBasicSet. This vulnerability allows attackers to cause a Denial of Service DoS via the security and security5g parameters...

PT-2024-2885 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 20.4R3-S9 Juniper Networks Junos OS 21.2 versions prior to 21.2R3-S7 Juniper Networks Junos OS 21.3 versions prior to 21.3R3-S5 Juniper Networks Junos OS 21.4 versions prior to 21.4R3-S4 Juniper...

varnish security update

6.6.2-3.el92.1 - Add parameters h2rstallowance and h2rstallowanceperiod to mitigate CVE-2023-44487 - Resolves: RHEL-12818...

SUSE CVE-2020-25694

A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters, an opportuni...