Lucene search
K

549 matches found

Tenable Nessus
Tenable Nessus
added 6 days ago6 views

Nutanix AHV : (NXSA-AHV-10.3.1.8)

The version of AHV installed on the remote host is prior to 10.3.1.8 / AHV-10.3.1.8. It is, therefore, affected by a vulnerability as referenced in the NXSA-AHV-10.3.1.8 advisory. - In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating...

7.8CVSS6.7AI score0.96267EPSS
Exploits230References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/07/01 1:52 p.m.3 views

Security Bulletin: Vulnerabilities in kernel library (CVE-2025-68724, CVE-2026-31431) affect Power HMC.

Summary The kernel library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-68724 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetrickeys - prevent overflow in...

7.8CVSS6.8AI score0.96267EPSS
Exploits230Affected Software1
Broadcom
Broadcom
added 2026/07/01 12:0 a.m.18 views

crypto: algif_aead - Revert to operating out-of-place (CVE-2026-31431)

In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algifaead since the source and destination...

7.8CVSS6.8AI score0.96267EPSS
Exploits230
NVD
NVD
added 2026/06/29 9:16 p.m.13 views

CVE-2026-13758

CryptX versions before 0.088001 for Perl compare AEAD authentication tags in non-constant time in the streaming decryptdone path. The decryptdone$tag form compares it against the computed tag with memNE memcmp != 0, which short-circuits on the first differing byte, so its run time depends on the...

3.7CVSS0.00295EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/29 8:42 p.m.5 views

CVE-2026-13758

CryptX versions before 0.088001 for Perl compare AEAD authentication tags in non-constant time in the streaming decryptdone path. The decryptdone$tag form compares it against the computed tag with memNE memcmp != 0, which short-circuits on the first differing byte, so its run time depends on the...

5.8AI score0.00295EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/29 8:42 p.m.6 views

CVE-2026-13758

CryptX versions before 0.088001 for Perl compare AEAD authentication tags in non-constant time in the streaming decryptdone path. The decryptdone$tag form compares it against the computed tag with memNE memcmp != 0, which short-circuits on the first differing byte, so its run time depends on the...

3.7CVSS5.8AI score0.00295EPSS
Exploits0
OSV
OSV
added 2026/06/29 8:42 p.m.4 views

CVE-2026-13758 CryptX versions before 0.088_001 for Perl compare AEAD authentication tags in non-constant time in the streaming decrypt_done path

CryptX versions before 0.088001 for Perl compare AEAD authentication tags in non-constant time in the streaming decryptdone path. The decryptdone$tag form compares it against the computed tag with memNE memcmp != 0, which short-circuits on the first differing byte, so its run time depends on the...

3.7CVSS6AI score0.00295EPSS
Exploits0References7
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 2:36 p.m.6 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to Out-of-bounds Write due to OpenSSL (CVE-2025-15467)

Summary IBM App Connect Enterprise and IBM Integration Bus for z/OS Database node users are vulnerable to Out-of-bounds Write due to OpenSSL. Vulnerability Details CVEID:CVE-2025-15467 DESCRIPTION: Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD...

9.8CVSS7.9AI score0.47621EPSS
Exploits7Affected Software3
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.10 views

PT-2026-53736

Name of the Vulnerable Software and Affected Versions CryptX versions prior to 0.088 001 Description CryptX for Perl performs AEAD authentication tag comparisons in non-constant time within the streaming decrypt done path. The decrypt done$tag function utilizes memNE based on memcmp != 0, which...

3.7CVSS6.1AI score0.00295EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/06/28 1:8 a.m.8 views

SUSE CVE-2026-53302

In the Linux kernel, the following vulnerability has been resolved: crypto: eip93 - fix hmac setkey algo selection eip93hmacsetkey allocates a temporary ahash transform for computing HMAC ipad/opad key material. The allocation uses the driver-specific cradrivername e.g. "sha256-eip93" but passes...

5.9AI score0.00121EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53302

In the Linux kernel, the following vulnerability has been resolved: crypto: eip93 - fix hmac setkey algo selection eip93hmacsetkey allocates a temporary ahash transform for computing HMAC ipad/opad key material. The allocation uses the driver-specific cradrivername e.g. "sha256-eip93" but passes...

5.5CVSS0.00121EPSS
Exploits0References3
OSV
OSV
added 2026/06/26 8:17 p.m.5 views

UBUNTU-CVE-2026-53302

In the Linux kernel, the following vulnerability has been resolved: crypto: eip93 - fix hmac setkey algo selection eip93hmacsetkey allocates a temporary ahash transform for computing HMAC ipad/opad key material. The allocation uses the driver-specific cradrivername e.g. "sha256-eip93" but passes...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/26 7:40 p.m.6 views

EUVD-2026-39837

In the Linux kernel, the following vulnerability has been resolved: crypto: eip93 - fix hmac setkey algo selection eip93hmacsetkey allocates a temporary ahash transform for computing HMAC ipad/opad key material. The allocation uses the driver-specific cradrivername e.g. "sha256-eip93" but passes...

5.9AI score0.00121EPSS
Exploits0References3
CVE
CVE
added 2026/06/26 7:40 p.m.12 views

CVE-2026-53302

The CVE-2026-53302 issue is in the Linux kernel cryptographic module (EIP93 hardware accelerator). The root cause is in eip93_hmac_setkey(): it allocates a temporary ahash transform for HMAC key material using a driver name (e.g., sha256-eip93) but masks CRYPTO_ALG_ASYNC, which excludes async alg...

5.5CVSS5.9AI score0.00121EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVE
added 2026/06/26 2:14 a.m.6 views

SUSE CVE-2026-52972

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Cap AEAD AD length to 0x80000000 In order to prevent arithmetic overflows when checking the TX buffer size, cap the associated data length to 0x80000000...

7.8CVSS5.8AI score0.0014EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.7 views

PT-2026-52941

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the eip93 hmac setkey function where it incorrectly uses the CRYPTO ALG ASYNC mask when allocating a temporary ahash transform. Because EIP93 hash algorithms are...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References15
OSV
OSV
added 2026/06/25 11:55 a.m.4 views

SUSE-SU-2026:2630-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed wo...

9.8CVSS7AI score0.0055EPSS
Exploits8References63
CVE
CVE
added 2026/06/24 4:28 p.m.20 views

CVE-2026-52972

CVE-2026-52972 affects the Linux kernel crypto/af_alg component, causing an arithmetic overflow when handling associated data lengths during the TX buffer size check. The root cause is the potential overflow if AD length is not capped; the fix caps the AD length to 0x80000000. Multiple OS vendors...

7CVSS5.7AI score0.0014EPSS
Exploits0References11Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:28 p.m.8 views

CVE-2026-52972

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Cap AEAD AD length to 0x80000000 In order to prevent arithmetic overflows when checking the TX buffer size, cap the associated data length to 0x80000000...

5.7AI score0.0014EPSS
Exploits0References9Affected Software1
AstraLinux
AstraLinux
added 2026/06/23 11:48 a.m.12 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead – Reverted to operating out-of-place. This mainly reverts to commit 72548b093ee3, except for the copying of the associated data. There is no benefit in operating in-place in algifaead, as the source and...

7.8CVSS6.6AI score0.96267EPSS
Exploits230References3
Rows per page
Query Builder