156 matches found
CVE-2026-14684 HdrHistogram AbstractHistogram.java memory allocation
A flaw has been found in HdrHistogram up to 2.2.2. This affects the function org.HdrHistogram.AbstractHistogram.decodeFromByteBuffer of the file src/main/java/org/HdrHistogram/AbstractHistogram.java. This manipulation of the argument numberOfSignificantValueDigits causes uncontrolled memory...
Cacti 1.2.24 - SQL Injection
Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graphview.php. Since guest users can access graphview.php without authentication by default, if guest users are being utilized in an enabled state, there...
CVE-2026-10512
The X25519 x8664 assembly implementation fails to clear the most significant bit during the final modular reduction, so the computed result may not be fully reduced modulo the field prime 2^255 - 19. This can leave the field element in a non-canonical form, producing an incorrect result from the...
EUVD-2026-39552
The X25519 x8664 assembly implementation fails to clear the most significant bit during the final modular reduction, so the computed result may not be fully reduced modulo the field prime 2^255 - 19. This can leave the field element in a non-canonical form, producing an incorrect result from the...
Set Shaping Theory As a Complementary Payload-Shaping Layer for Steganography
This paper studies the use of Set Shaping Theory SST as a reversible payload-shaping layer for least significant bit LSB image steganography. The proposal is not intended to replace existing steganographic methods or to compete with them as a new embedding scheme. Instead, SST is positioned as a...
USN-8087-3 python-cryptography vulnerability
USN-8087-1 fixed a vulnerability in python-cryptography. This update provides the corresponding update to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that python-cryptography incorrectly handled subgroup validation for SECT curves. A remo...
Stegano 2.4.1
Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit LSB technique. It is possible to use a more advanced LSB method based on integers sets. The sets Sieve of...
Stegano 2.3.0
Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit LSB technique. It is possible to use a more advanced LSB method based on integers sets. The sets Sieve of...
Ubuntu: Security Advisory (USN-8087-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Stegano 2.2.0
Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit LSB technique. It is possible to use a more advanced LSB method based on integers sets. The sets Sieve of...
cryptography Vulnerable to a Subgroup Attack Due to Missing Subgroup Validation for SECT Curves
Vulnerability Summary The publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify that the point belongs to the expected prime-order subgroup of the curve. This missing validation allows an...
Stegano 2.1.0
Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit LSB technique. It is possible to use a more advanced LSB method based on integers sets. The sets Sieve of...
EUVD-2025-116946
Malicious code in significantdragonflyz3n npm...
EUVD-2025-102280
Malicious code in significantflamingoz3n npm...
EUVD-2025-102279
Malicious code in significantllamaz3n npm...
EUVD-2025-95094
Malicious code in significantdonkeyz3n npm...
EUVD-2025-75639
Malicious code in significantbutterfly-appteadev npm...
EUVD-2025-78316
Malicious code in significantorcaz3n npm...
Malicious code in significant_orca_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3450177c56b8b5de160685b90040bda61997cccf6f483958cee59540504b56e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-78317
Malicious code in significantmarlinz3n npm...