CVE-2025-8095

The OECH1 prefix encoding is intended to obfuscate values across the OpenEdge platform. It has been identified as cryptographically weak and unsuitable for stored encodings and enterprise applications. OECH1 encodings should be considered exploitable and immediately replaced by any other supporte...

Quantum Computers Are Not a Threat to 128-bit Symmetric Keys

The advancing threat of cryptographically-relevant quantum computers has made it urgent to replace currently-deployed asymmetric cryptography primitives—key exchange ECDH and digital signatures RSA, ECDSA, EdDSA—which are vulnerable to Shor’s quantum algorithm. It does not, however, impact existi...

EUVD-2025-209440

The OECH1 prefix encoding is intended to obfuscate values across the OpenEdge platform. It has been identified as cryptographically weak and unsuitable for stored encodings and enterprise applications. OECH1 encodings should be considered exploitable and immediately replaced by any other...

CVE-2025-8095

The OECH1 prefix encoding is intended to obfuscate values across the OpenEdge platform. It has been identified as cryptographically weak and unsuitable for stored encodings and enterprise applications. OECH1 encodings should be considered exploitable and immediately replaced by any other...

CVE-2025-8095 Recoverable obfuscation using the OECH1 prefix encoding in OpenEdge

The OECH1 prefix encoding is intended to obfuscate values across the OpenEdge platform. It has been identified as cryptographically weak and unsuitable for stored encodings and enterprise applications. OECH1 encodings should be considered exploitable and immediately replaced by any other...

CVE-2025-8095

CVE-2025-8095 describes a vulnerability in the OECH1 prefix encoding used by the OpenEdge platform. The encoding is cryptographically weak and unsuitable for stored encodings or enterprise applications; OECH1 should be considered exploitable and immediately replaced with a supported prefix encodi...

CVE-2025-8095 Recoverable obfuscation using the OECH1 prefix encoding in OpenEdge

The OECH1 prefix encoding is intended to obfuscate values across the OpenEdge platform. It has been identified as cryptographically weak and unsuitable for stored encodings and enterprise applications. OECH1 encodings should be considered exploitable and immediately replaced by any other...

CVE-2025-8095

The OECH1 prefix encoding is intended to obfuscate values across the OpenEdge platform. It has been identified as cryptographically weak and unsuitable for stored encodings and enterprise applications. OECH1 encodings should be considered exploitable and immediately replaced by any other...

PT-2026-32625

Name of the Vulnerable Software and Affected Versions OpenEdge affected versions not specified Description The OECH1 prefix encoding, used to obfuscate values across the platform, is cryptographically weak. This makes it unsuitable for enterprise applications and stored encodings, as the...

CVE-2025-57796

Explorance Blue versions prior to 8.14.12 use reversible symmetric encryption with a hardcoded static key to protect sensitive data, including user passwords and system configurations. This approach allows stored values to be decrypted offline if the encrypted data are obtained...

Insecure Deserialization

cryptidy is vulnerable to insecure deserialization. The vulnerability is due to the use of pickle.loads on untrusted data in the aesdecryptmessage function within symmetricencryption.py, which allows an attacker to execute arbitrary code by supplying crafted serialized input...

CVE-2025-63675

cryptidy through 1.2.4 allows code execution via untrusted data because pickle.loads is used. This occurs in aesdecryptmessage in symmetricencryption.py...

cryptidy allows code execution via untrusted data due to pickle.loads

cryptidy through 1.2.4 allows code execution via untrusted data because pickle.loads is used. This occurs in aesdecryptmessage in symmetricencryption.py...

CVE-2025-63675

The vulnerability CVE-2025-63675 affects cryptidy up to version 1.2.4. The root cause is deserialization of untrusted data via pickle.loads in aes_decrypt_message within cryptidy/symmetric_encryption.py, enabling code execution. Multiple sources (Red Hat, OSV, GHSA, Snyk, CVE records) corroborate...

EUVD-2025-37311

cryptidy through 1.2.4 allows code execution via untrusted data because pickle.loads is used. This occurs in aesdecryptmessage in symmetricencryption.py...

EUVD-2004-1020

Malware in sbrugna...

EUVD-2021-20520

Malware in sbrugna...

EUVD-2023-30949

Malicious code in bioql PyPI...

EUVD-2022-4332

Malicious code in bioql PyPI...

A Privacy-Centric Approach: Scalable and Secure Federated Learning Enabled by Hybrid Homomorphic Encryption

Federated Learning FL enables collaborative model training without sharing raw data, making it a promising approach for privacy-sensitive domains. Despite its potential, FL faces significant challenges, particularly in terms of communication overhead and data privacy. Privacy-preserving Technique...