Lucene search
K

666 matches found

SUSE CVE
SUSE CVE
added 2026/06/13 2:19 a.m.9 views

SUSE CVE-2026-42767

Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server or acti...

6.5CVSS5.4AI score0.00349EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.10 views

CVE-2026-33585

Improper management of the idle timeout parameter in the Keycloak interface of the Arqit SKA-Platform enables an attacker to impersonate an authenticated tenant user via an unexpired browser session. This issue affects Symmetric Key Agreement Platform: before 26.03...

3.8CVSS5.5AI score0.00134EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:31 p.m.9 views

CVE-2026-33584

Exposed Keycloak management service in the Arqit Symmetric Key Agreement Platform enables unauthorized access to sensitive debug information such as metrics and health data. This issue affects Symmetric Key Agreement Platform: before 26.03...

5.3CVSS5.4AI score0.00305EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:31 p.m.10 views

CVE-2025-8095

The OECH1 prefix encoding is intended to obfuscate values across the OpenEdge platform. It has been identified as cryptographically weak and unsuitable for stored encodings and enterprise applications. OECH1 encodings should be considered exploitable and immediately replaced by any other supporte...

10CVSS5.4AI score0.00216EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.9 views

CVE-2026-33583

Exposure of the QKEY used as input into the ‘OTA-Quantum’ device registration process and internal system keys via an unauthenticated and unencrypted HTTP GET method in the Arqit Symmetric Key Agreement Platform. This issue affects Symmetric Key Agreement Platform: before 26.03...

8.7CVSS5.5AI score0.00208EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 7:9 a.m.8 views

CVE-2026-50208 Permissive TrustAllCerts TLS Verification

High-risk TrustAllCerts routines disable standard TLS certificate validation. Combined with hard-coded DES symmetric encryption keys, a Man-in-the-Middle MITM actor could decrypt network traffic...

9.2CVSS5.8AI score0.00141EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:57 p.m.9 views

CVE-2026-46063

In the Linux kernel, the following vulnerability has been resolved: x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack using normal read accesses. When it can't assume the memory is shadow...

5.8AI score0.00094EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2026/05/18 6:17 p.m.16 views

CVE-2026-32848

NetBSD prior to commit ec8451e contains a race condition vulnerability in cryptodevop within the opencrypto subsystem that allows local attackers to trigger a double-free condition by concurrently issuing CIOCCRYPT operations on the same session identifier on SMP systems. Attackers can exploit...

5.7CVSS0.00082EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/18 5:52 p.m.14 views

EUVD-2026-30791

NetBSD prior to commit ec8451e contains a race condition vulnerability in cryptodevop within the opencrypto subsystem that allows local attackers to trigger a double-free condition by concurrently issuing CIOCCRYPT operations on the same session identifier on SMP systems. Attackers can exploit...

5.7CVSS5.8AI score0.00082EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/18 12:0 a.m.13 views

PT-2026-41713

Name of the Vulnerable Software and Affected Versions NetBSD versions prior to commit ec8451e Description A race condition in the cryptodev op function within the opencrypto subsystem allows local attackers to trigger a double-free condition on SMP Symmetric Multiprocessing systems. This occurs...

5.7CVSS5.8AI score0.00082EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/15 2:35 p.m.7 views

CVE-2025-14972

Countermeasures for DPA within SYMCRYPTO engine on SixG301xxx devices are not sufficiently random and will eventually repeat. KSU keys using SYMCRYPTO will be impacted by this vulnerability...

4.1CVSS5.8AI score0.00146EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/13 9:32 p.m.15 views

EUVD-2026-30114

Exposed Keycloak management service in the Arqit Symmetric Key Agreement Platform enables unauthorized access to sensitive debug information such as metrics and health data. This issue affects Symmetric Key Agreement Platform: before 26.03...

5.3CVSS5.8AI score0.00305EPSS
Exploits0References2
NVD
NVD
added 2026/05/13 7:17 p.m.14 views

CVE-2026-33585

Improper management of the idle timeout parameter in the Keycloak interface of the Arqit SKA-Platform enables an attacker to impersonate an authenticated tenant user via an unexpired browser session. This issue affects Symmetric Key Agreement Platform: before 26.03...

3.8CVSS0.00134EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/13 6:46 p.m.8 views

CVE-2026-33585

Improper management of the idle timeout parameter in the Keycloak interface of the Arqit SKA-Platform enables an attacker to impersonate an authenticated tenant user via an unexpired browser session. This issue affects Symmetric Key Agreement Platform: before 26.03...

3.8CVSS5.8AI score0.00134EPSS
Exploits0References2
CVE
CVE
added 2026/05/13 6:30 p.m.14 views

CVE-2026-33584

Summary: CVE-2026-33584 affects the Arqit Symmetric Key Agreement Platform, where the Keycloak management service is exposed, allowing unauthorized access to sensitive debug information (metrics and health data) for versions before 26.03. The CVSS 3.1 base score is 5.3 (MEDIUM) with network attac...

5.3CVSS5.8AI score0.00305EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/13 6:19 p.m.8 views

CVE-2026-33583

Exposure of the QKEY used as input into the ‘OTA-Quantum’ device registration process and internal system keys via an unauthenticated and unencrypted HTTP GET method in the Arqit Symmetric Key Agreement Platform. This issue affects Symmetric Key Agreement Platform: before 26.03...

5.8AI score0.00208EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/13 6:19 p.m.52 views

CVE-2026-33583 Arqit SKA-Platform Vulnerable to Key Exposure

Exposure of the QKEY used as input into the ‘OTA-Quantum’ device registration process and internal system keys via an unauthenticated and unencrypted HTTP GET method in the Arqit Symmetric Key Agreement Platform. This issue affects Symmetric Key Agreement Platform: before 26.03...

8.7CVSS0.00208EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.9 views

Arqit Symmetric Key Agreement Platform 安全漏洞

The Arqit Symmetric Key Agreement Platform is a quantum-safe key negotiation platform developed by Arqit Corporation. Versions prior to 26.03 of the Arqit Symmetric Key Agreement Platform contained security vulnerabilities. These vulnerabilities stemmed from improper management of the idle timeou...

3.8CVSS5.8AI score0.00134EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.23 views

PT-2026-40762

Exposure of the QKEY used as input into the ‘OTA-Quantum’ device registration process and internal system keys via an unauthenticated and unencrypted HTTP GET method in the Arqit Symmetric Key Agreement Platform. This issue affects Symmetric Key Agreement Platform: before 26.03...

8.7CVSS5.8AI score0.00208EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.16 views

Arqit Symmetric Key Agreement Platform 安全漏洞

The Arqit Symmetric Key Agreement Platform is a quantum-safe key negotiation platform developed by Arqit Corporation. Versions prior to 26.03 of the Arqit Symmetric Key Agreement Platform contained security vulnerabilities. These vulnerabilities stemmed from exposing the QKEY and internal system...

8.7CVSS5.8AI score0.00208EPSS
Exploits0References1
Rows per page
Query Builder