Lucene search
K

41 matches found

AstraLinux
AstraLinux
added 2026/06/02 3:27 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags The MSGSPLICEPAGES function can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFLSHAREDFRAG after skbsplicefromiter, so later processes that may modi...

8.8CVSS6.7AI score0.93235EPSS
Exploits31References3
Tenable Nessus
Tenable Nessus
added 2026/05/10 12:0 a.m.7 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-017401)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017401 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSGSPLICEPAGES can attach pages from a pipe...

8.8CVSS6AI score0.93235EPSS
Exploits31References4
SUSE CVE
SUSE CVE
added 2026/05/09 2:39 a.m.18 views

SUSE CVE-2026-43284

In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSGSPLICEPAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFLSHAREDFRAG after skbsplicefromiter, so later paths that may modify packet data ca...

8.8CVSS6AI score0.93235EPSS
Exploits31References136
OSV
OSV
added 2026/05/08 8:16 a.m.7 views

UBUNTU-CVE-2026-43284

In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSGSPLICEPAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFLSHAREDFRAG after skbsplicefromiter, so later paths that may modify packet data ca...

8.8CVSS6AI score0.93235EPSS
Exploits31References29
GithubExploit
GithubExploit
added 2026/04/30 11:13 p.m.72 views

Exploit for CVE-2026-31431

copy.fail — AFALG AEAD splice primitive - CVE-2026-31431 C por...

7.8CVSS5.6AI score0.96267EPSS
Exploits228
OSV
OSV
added 2025/12/16 7:39 p.m.4 views

GO-2025-4239 ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay in github.com/altcha-org/altcha-lib-go

ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay in github.com/altcha-org/altcha-lib-go...

6.5CVSS6.8AI score0.00262EPSS
Exploits0References10
EUVD
EUVD
added 2025/12/16 3:30 p.m.3 views

EUVD-2025-203662

In the Linux kernel, the following vulnerability has been resolved: iouring/cmdnet: fix wrong argument types for skbqueuesplice If timestamp retriving needs to be retried and the local list of SKB's already has entries, then it's spliced back into the socket queue. However, the arguments for the...

5.7AI score0.00145EPSS
Exploits0References3
NVD
NVD
added 2025/12/16 1:15 a.m.9 views

CVE-2025-68113

ALTCHA is privacy-first software for captcha and bot protection. A cryptographic semantic binding flaw in ALTCHA libraries allows challenge payload splicing, which may enable replay attacks. The HMAC signature does not unambiguously bind challenge parameters to the nonce, allowing an attacker to...

6.5CVSS0.00262EPSS
Exploits0References10
Cvelist
Cvelist
added 2025/12/16 12:53 a.m.26 views

CVE-2025-68113 ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay

ALTCHA is privacy-first software for captcha and bot protection. A cryptographic semantic binding flaw in ALTCHA libraries allows challenge payload splicing, which may enable replay attacks. The HMAC signature does not unambiguously bind challenge parameters to the nonce, allowing an attacker to...

6.5CVSS0.00262EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2025/12/16 12:53 a.m.4 views

CVE-2025-68113 ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay

ALTCHA is privacy-first software for captcha and bot protection. A cryptographic semantic binding flaw in ALTCHA libraries allows challenge payload splicing, which may enable replay attacks. The HMAC signature does not unambiguously bind challenge parameters to the nonce, allowing an attacker to...

6.5CVSS6.3AI score0.00262EPSS
Exploits0References10
CVE
CVE
added 2025/12/16 12:53 a.m.12 views

CVE-2025-68113

CVE-2025-68113 (ALTCHA) describes a cryptographic semantic binding flaw in ALTCHA libraries where the HMAC does not unambiguously bind challenge parameters to the nonce, enabling potential replay of previously solved challenges depending on server-side handling. Affected components include ALTCHA...

6.5CVSS6.3AI score0.00262EPSS
Exploits0References10
OSV
OSV
added 2025/12/16 12:53 a.m.6 views

CVE-2025-68113 ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay

ALTCHA is privacy-first software for captcha and bot protection. A cryptographic semantic binding flaw in ALTCHA libraries allows challenge payload splicing, which may enable replay attacks. The HMAC signature does not unambiguously bind challenge parameters to the nonce, allowing an attacker to...

6.5CVSS6.6AI score0.00262EPSS
Exploits0References12
OSV
OSV
added 2025/12/16 12:43 a.m.4 views

GHSA-6GVQ-JCMP-8959 ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay

Impact A cryptographic semantic binding flaw in ALTCHA libraries allows challenge payload splicing, which may enable replay attacks. The HMAC signature does not unambiguously bind challenge parameters to the nonce, allowing an attacker to reinterpret a valid proof-of-work submission with a modifi...

6.5CVSS6.6AI score0.00262EPSS
Exploits0References13
Github Security Blog
Github Security Blog
added 2025/12/16 12:43 a.m.8 views

ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay

Impact A cryptographic semantic binding flaw in ALTCHA libraries allows challenge payload splicing, which may enable replay attacks. The HMAC signature does not unambiguously bind challenge parameters to the nonce, allowing an attacker to reinterpret a valid proof-of-work submission with a modifi...

6.5CVSS6.7AI score0.00262EPSS
Exploits0References13Affected Software5
GitLab Advisory Database
GitLab Advisory Database
added 2025/12/16 12:0 a.m.7 views

ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay

A cryptographic semantic binding flaw in ALTCHA libraries allows challenge payload splicing, which may enable replay attacks. The HMAC signature does not unambiguously bind challenge parameters to the nonce, allowing an attacker to reinterpret a valid proof-of-work submission with a modified...

6.5CVSS6.8AI score0.00262EPSS
Exploits0References14Affected Software1
RubySec
RubySec
added 2025/12/16 12:0 a.m.6 views

ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay

Impact A cryptographic semantic binding flaw in ALTCHA libraries allows challenge payload splicing, which may enable replay attacks. The HMAC signature does not unambiguously bind challenge parameters to the nonce, allowing an attacker to reinterpret a valid proof-of-work submission with a modifi...

6.5CVSS6.6AI score0.00262EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2003-0135

Malware in sbrugna...

7.5CVSS8.7AI score0.04284EPSS
Exploits0References18
Packet Storm News
Packet Storm News
added 2025/05/22 12:0 a.m.3 views

Can ChatGPT Perform Image Splicing Detection? A Preliminary Study

Multimodal Large Language Models MLLMs like GPT-4V are capable of reasoning across text and image modalities, showing promise in a variety of complex vision-language tasks. In this preliminary study, we investigate the out-of-the-box capabilities of GPT-4V in the domain of image forensics,...

6.8AI score
Exploits0
HackRead
HackRead
added 2025/04/16 1:1 p.m.11 views

SquareX to Uncover Data Splicing Attacks at BSides San Francisco, A Major DLP Flaw that Compromises Data Security of Millions

Palo Alto, California, 16th April 2025, CyberNewsWire...

7.3AI score
Exploits0
OSV
OSV
added 2024/05/21 4:15 p.m.6 views

UBUNTU-CVE-2023-52767

In the Linux kernel, the following vulnerability has been resolved: tls: fix NULL deref on tlsswspliceeof with empty record syzkaller discovered that if tlsswspliceeof is executed as part of sendfile when the plaintext/ciphertext skmsg are empty, the send path gets confused because the empty...

5.5CVSS5.8AI score0.00172EPSS
Exploits0References6
Rows per page
Query Builder