EUVD-2022-35807

Malicious code in bioql PyPI...

EUVD-2022-34825

Malicious code in bioql PyPI...

CVE-2025-8312

Deadlock in PAM automatic check-in feature in Devolutions Server allows a password to remain valid beyond the end of its intended check-out period due to a deadlock occurring in the scheduling service.This issue affects the following versions : Devolutions Server 2025.2.2.0 through 2025.2.5.0...

Updated gnupg2 packages fix security vulnerabilities

Key validity not computed when key is certified by a trusted "certify-only" key regression due to patch for CVE-2025-30258...

CVE-2022-2572

In affected versions of Octopus Server where access is managed by an external authentication provider, it was possible that the API key/keys of a disabled/deleted user were still valid after the access was revoked...

Unspecified vulnerability in Linux kernel (CNVD-2024-40275)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a security vulnerability that stems from not checking the validity of indexes. No details of the vulnerability are provided at this time...

CVE-2024-45005

CVE-2024-45005 affects the Linux kernel KVM on s390. The issue is a validity interception in the SIE path when gisa is disabled, caused by passing an uninitialized gisa origin to virt_to_phys() and then writing it into the gisa designation. The fix returns 0 in kvm_s390_get_gisa_desc() if origin ...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a SIE validity issue that may be encountered when GISA is disabled...

Important: ecs-service-connect-agent

Issue Overview: Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, a malicious client is able to construct credentials with permanent validity in some specific scenarios. This is caused by the some...

CVE-2020-36658

In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix...

GnuPG contains flaw in key validation code

Overview A vulnerability in GnuPG may cause keys with multiple user ID's to give other user IDs on the key a false amount of validity. Description From the GnuPG homepage:GnuPG stands for GNU Privacy Guard and is GNU's tool for secure communication and data storage. It can be used to encrypt data...

Key validity bug in GnuPG 1.2.1 and earlier

As part of the development of GnuPG 1.2.2, a bug was discovered in the key validation code. This bug causes keys with more than one user ID to give all user IDs on the key the amount of validity given to the most-valid key. This bug does not impact any key with only one user ID. Photo IDs "user...

PGPsdk Key Validity Vulnerability

http://www.pgp.com/support/product-advisories/pgpsdk.asp A vulnerability in PGP's display of key validity has been discovered that could allow an attacker to fool users into thinking that a valid signature was created by what is actually an invalid user ID. If the attacker can obtain a signature ...