92 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-53494
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: xts - Handle EBUSY correctly As it is xts only handles the special return value of EINPROGRESS, which means that in all other cases it will free data...
EUVD-2024-41527
Malicious code in bioql PyPI...
EUVD-2023-23524
Malicious code in bioql PyPI...
EUVD-2024-41525
Malicious code in bioql PyPI...
EUVD-2024-41526
Malicious code in bioql PyPI...
SUSE CVE-2023-53494
In the Linux kernel, the following vulnerability has been resolved: crypto: xts - Handle EBUSY correctly As it is xts only handles the special return value of EINPROGRESS, which means that in all other cases it will free data related to the request. However, as the caller of xts may specify...
CVE-2023-53494
In the Linux kernel, the following vulnerability has been resolved: crypto: xts - Handle EBUSY correctly As it is xts only handles the special return value of EINPROGRESS, which means that in all other cases it will free data related to the request. However, as the caller of xts may specify...
UBUNTU-CVE-2023-53494
In the Linux kernel, the following vulnerability has been resolved: crypto: xts - Handle EBUSY correctly As it is xts only handles the special return value of EINPROGRESS, which means that in all other cases it will free data related to the request. However, as the caller of xts may specify...
CVE-2023-53494
CVE-2023-53494 affects the Linux kernel xts code. Root cause: EBUSY is not consistently treated like EINPROGRESS for MAY_BACKLOG callers, risking use-after-free on backlogged requests. Public advisories (EulerOS/MiracleLinux/OpenVAS/Nessus) reference this CVE; no patched version or remediation de...
CVE-2023-53494 crypto: xts - Handle EBUSY correctly
In the Linux kernel, the following vulnerability has been resolved: crypto: xts - Handle EBUSY correctly As it is xts only handles the special return value of EINPROGRESS, which means that in all other cases it will free data related to the request. However, as the caller of xts may specify...
CVE-2023-53494 crypto: xts - Handle EBUSY correctly
In the Linux kernel, the following vulnerability has been resolved: crypto: xts - Handle EBUSY correctly As it is xts only handles the special return value of EINPROGRESS, which means that in all other cases it will free data related to the request. However, as the caller of xts may specify...
Linux Distros Unpatched Vulnerability : CVE-2023-1255
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: The AES-XTS cipher decryption implementation for 64 bit ARM platform contains a bug that could cause it to read past the input buffer, leading to...
TencentOS Server 4: openssl (TSSA-2024:0034)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0034 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
CVE-2024-45588
This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1P160 due to improper access controls on APIs in the Preference module of the application. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which could lea...
CVE-2024-45587
This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1P160 due to improper access controls on APIs in the Transaction module of vulnerable application. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which...
CVE-2024-45586
This vulnerability exists due to improper access controls on APIs in the Authentication module of Symphony XTS Web Trading and Mobile Trading platforms version 2.0.0.1P160. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which coul...
DEBIAN-CVE-2023-53100
In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in ext4updateinlinedata Syzbot found the following issue: EXT4-fs loop0: mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: none. fscrypt: AES-256-CTS-CBC using implementation...
PT-2025-1212 · Microsoft · Windows Bitlocker +1
Name of the Vulnerable Software and Affected Versions: Windows BitLocker affected versions not specified Description: A critical issue in Windows BitLocker exposes the encryption mechanism to a novel randomization attack targeting the AES-XTS mode. This allows attackers to bypass BitLocker...
GHSA-J6VM-4R7G-X4GR Devolutions.XTS.NET Vulnerable to Timing Attack on GF Multiplications
Impact Timing attacks on Galois Field multiplications in this package. Successful exploitation would effectively allow a downgrade of the security guarantees of the XTS mode to the security guarantees of ECB mode, allowing block swapping, enabling identification of identical blocks, and rendering...
Devolutions.XTS.NET Vulnerable to Timing Attack on GF Multiplications
Impact Timing attacks on Galois Field multiplications in this package. Successful exploitation would effectively allow a downgrade of the security guarantees of the XTS mode to the security guarantees of ECB mode, allowing block swapping, enabling identification of identical blocks, and rendering...