Lucene search
K

495 matches found

Tenable Nessus
Tenable Nessus
added 2026/02/13 12:0 a.m.5 views

Siemens SIMATIC S7-1500 Missing Cryptographic Step (CVE-2025-69418)

Issue summary: When using the low-level OCB API directly with AES-NI orother hardware-accelerated code paths, inputs whose length is not a multipleof 16 bytes can leave the final partial block unencrypted and unauthenticated.Impact summary: The trailing 1-15 bytes of a message may be exposed...

4CVSS5.6AI score0.00115EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2026/01/17 12:25 a.m.2 views

SUSE CVE-2025-71131

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req-iv after cryptoaeadencrypt As soon as cryptoaeadencrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req-iv after it returns is invalid. Instead o...

5.5CVSS6.5AI score0.00114EPSS
Exploits0References21
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001516)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001516 advisory. A data leak flaw was found in the way XFSIOCALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use th...

5.5CVSS6.5AI score0.00286EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000855)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000855 advisory. A non-privileged user is able to mount a fuse filesystem on RHEL 6 or 7 and crash a system if an application punches a hole in a file that does not end aligned to a...

5.5CVSS7.1AI score0.00398EPSS
Exploits0References9
NVD
NVD
added 2026/01/14 3:16 p.m.11 views

CVE-2025-71131

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req-iv after cryptoaeadencrypt As soon as cryptoaeadencrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req-iv after it returns is invalid. Instead o...

5.5CVSS0.00114EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2026/01/14 3:16 p.m.3 views

CVE-2025-71131

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req-iv after cryptoaeadencrypt As soon as cryptoaeadencrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req-iv after it returns is invalid. Instead o...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References35
OSV
OSV
added 2026/01/14 3:16 p.m.3 views

UBUNTU-CVE-2025-71131

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req-iv after cryptoaeadencrypt As soon as cryptoaeadencrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req-iv after it returns is invalid. Instead o...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References37
Cvelist
Cvelist
added 2026/01/14 3:7 p.m.28 views

CVE-2025-71131 crypto: seqiv - Do not use req->iv after crypto_aead_encrypt

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req-iv after cryptoaeadencrypt As soon as cryptoaeadencrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req-iv after it returns is invalid. Instead o...

0.00114EPSS
Exploits0References7
OSV
OSV
added 2026/01/14 3:7 p.m.6 views

CVE-2025-71131 crypto: seqiv - Do not use req->iv after crypto_aead_encrypt

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req-iv after cryptoaeadencrypt As soon as cryptoaeadencrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req-iv after it returns is invalid. Instead o...

5.5CVSS5.3AI score0.00114EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2026/01/14 3:7 p.m.5 views

CVE-2025-71131

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req-iv after cryptoaeadencrypt As soon as cryptoaeadencrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req-iv after it returns is invalid. Instead o...

5.2AI score0.00114EPSS
Exploits0References8Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/14 3:7 p.m.5 views

CVE-2025-71131 crypto: seqiv - Do not use req->iv after crypto_aead_encrypt

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req-iv after cryptoaeadencrypt As soon as cryptoaeadencrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req-iv after it returns is invalid. Instead o...

5.6AI score0.00114EPSS
Exploits0References7
CVE
CVE
added 2026/01/14 3:7 p.m.34 views

CVE-2025-71131

The CVE-2025-71131 in the Linux kernel is resolved. The issue was in crypto: seqiv where a request’s iv could be dereferenced after async completion of crypto_aead_encrypt, because the underlying request may be freed. The fix creates a new variable unaligned_info and uses it for the iv check, pre...

5.5CVSS6.2AI score0.00114EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2026/01/14 3:7 p.m.3 views

CVE-2025-71131

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req-iv after cryptoaeadencrypt As soon as cryptoaeadencrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req-iv after it returns is invalid. Instead o...

5.5CVSS5.3AI score0.00114EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: kmsan: fixed an issue where out-of-bounds access to shadow memory occurred. Running sha224kunit on a KMSAN-enabled kernel results in a crash in kmsaninternalsetshadoworigin: BUG: Unable to handle a page fault for the address:...

6.5AI score0.00222EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/08 3:14 a.m.4 views

CVE-2025-47388

Memory corruption while passing pages to DSP with an unaligned starting address...

7.8CVSS7.1AI score0.00072EPSS
Exploits0References1
NVD
NVD
added 2026/01/07 12:17 p.m.5 views

CVE-2025-47388

Memory corruption while passing pages to DSP with an unaligned starting address...

7.8CVSS0.00072EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/07 12:0 a.m.3 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from an unaligned start address when passing a page to the DSP, which could lead to memory corruption...

7.8CVSS6.6AI score0.00072EPSS
Exploits0References1
CVE
CVE
added 2026/01/06 10:48 p.m.15 views

CVE-2025-47388

CVE-2025-47388 : Qualcomm chipsets memory corruption occurs when passing pages to the DSP with an unaligned starting address, as described in multiple feeds. The vulnerability affects the DSP service path and could enable a local attacker to corrupt memory, with high impact on confidentiality, in...

7.8CVSS6.7AI score0.00072EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/06 10:48 p.m.3 views

CVE-2025-47388 Buffer Copy without Checking Size of Input in DSP Service

Memory corruption while passing pages to DSP with an unaligned starting address...

7.8CVSS6.7AI score0.00072EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/06 10:48 p.m.30 views

CVE-2025-47388 Buffer Copy without Checking Size of Input in DSP Service

Memory corruption while passing pages to DSP with an unaligned starting address...

7.8CVSS0.00072EPSS
Exploits0References1
Rows per page
Query Builder