Lightweight Hybrid Block-Stream Cryptographic Algorithm for the Internet of Things

In this thesis, a novel lightweight hybrid encryption algorithm named SEPAR is proposed, featuring a 16-bit block length and a 128-bit initialization vector. The algorithm is designed specifically for application in Internet of Things IoT technology devices. The design concept of this algorithm i...

GO-2025-3588 Go-Guerrilla SMTP Daemon allows the PROXY command to be sent multiple times in github.com/phires/go-guerrilla

Go-Guerrilla SMTP Daemon allows the PROXY command to be sent multiple times in github.com/phires/go-guerrilla...

Microsoft Security Update Validation Report December 2021

Microsoft’s December 2021 security updates have passed Citrix testing the updates are listed below. The testing is not all-inclusive; all tests are executed against English only environments and issues may still be found upon implementation. Follow best practices for testing and installing softwa...

Microsoft Security Update Validation Report October 2021

Microsoft’s October 2021 security updates have passed Citrix testing the updates are listed below. The testing is not all-inclusive; all tests are executed against English only environments and issues may still be found upon implementation. Follow best practices for testing and installing softwar...

`aes-soft` has been merged into the `aes` crate

Please use the aes crate going forward. The new repository location is at: AES-NI is now autodetected at runtime on i686/x86-64 platforms. If AES-NI is not present, the aes crate will fallback to a constant-time portable software implementation. To force the use of a constant-time portable...

Side-Channel PoC Attack Lifts Private RSA Keys from Mobile Phones

Researchers have developed a proof-of-concept side-channel attack that allows them to pull encryption keys from a single decryption for a modern version of OpenSSL. The attack impacts mobile devices — without physical access to the handsets. A group of researchers at Georgia Tech were able to...

CVE-2015-3931 Microsec e-Szigno, CVE-2015-3932 Netlock Mokka XSW vulnerability

In November 2014, SEARCH-LAB Ltd. discovered a security vulnerability in Microsec e-Szigno, and Netlock Mokka computer applications that are used to generate and validate digital signatures, which are applied within the official Hungarian government processes. The vulnerability affected the...

Transport Layer Security Renegotiation Remote Man-in-the-Middle Attack Vulnerability

Multiple Transport Layer Security TLS implementations contain a vulnerability when renegotiating a TLS session that could allow an unauthenticated, remote attacker to conduct a man-in-the-middle attack. The vulnerability exists during a TLS renegotiation process. If an attacker can intercept...

cups DoS

DoS on incomplete header...

CVE-2022-37950

...

CVE-2021-3587

...

CVE-2020-12565

...

CVE-2024-4155

...