16 matches found
CVE-2026-6291
Bleichenbacher padding oracle in PKCS7 KTRI decryption. When decrypting PKCS7 EnvelopedData using RSA PKCS1 v1.5 key transport, wolfSSL returned distinguishable error codes depending on whether RSA padding validation failed versus whether the decrypted content was malformed. An attacker able to...
CVE-2026-6291 Bleichenbacher padding oracle in PKCS#7 KTRI RSA PKCS#1 v1.5 decryption
Bleichenbacher padding oracle in PKCS7 KTRI decryption. When decrypting PKCS7 EnvelopedData using RSA PKCS1 v1.5 key transport, wolfSSL returned distinguishable error codes depending on whether RSA padding validation failed versus whether the decrypted content was malformed. An attacker able to...
CVE-2026-6291
CVE-2026-6291 affects wolfSSL (v4.0) and describes a Bleichenbacher padding oracle in PKCS#7 KTRI RSA PKCS#1 v1.5 decryption used for EnvelopedData. The vulnerability arises because error codes differed between RSA padding validation failure and malformed decrypted content, enabling an attacker t...
EUVD-2026-39482
Bleichenbacher padding oracle in PKCS7 KTRI decryption. When decrypting PKCS7 EnvelopedData using RSA PKCS1 v1.5 key transport, wolfSSL returned distinguishable error codes depending on whether RSA padding validation failed versus whether the decrypted content was malformed. An attacker able to...
CVE-2026-6291
Bleichenbacher padding oracle in PKCS7 KTRI decryption. When decrypting PKCS7 EnvelopedData using RSA PKCS1 v1.5 key transport, wolfSSL returned distinguishable error codes depending on whether RSA padding validation failed versus whether the decrypted content was malformed. An attacker able to...
BIT-JRE-2024-47544 GHSL-2024-238: GStreamer has NULL-pointer dereferences in MP4/MOV demuxer CENC handling
GStreamer is a library for constructing graphs of media-handling components. The function qtdemuxparsesbgp in qtdemux.c is affected by a null dereference vulnerability. This vulnerability is fixed in 1.24.10...
Timing Attack
Overview authlib is a library in building OAuth and OpenID Connect servers. Affected versions of this package are vulnerable to Timing Attack via the unwrap length check in jwealgs.py. An attacker can recover the CEK and decrypt or forge JWE tokens by sending malformed RSA15 ciphertexts and...
Hemmelig 安全漏洞
Hemmelig is a content encryption software from Hemmelig Open Source. A security vulnerability exists in Hemmelig versions prior to 7.3.3 that stems from an SSRF filter bypass in Webhook URL validation, which could lead to server-side request forgery attacks...
gstreamer1-plugins-good: NULL-pointer dereferences in MP4/MOV demuxer CENC handling
A flaw was found in the GStreamer library. Multiple NULL pointer dereferences in the MP4/MOV demuxer's CENC handling can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash...
com.bpfaas:bps-config-server-spring-cloud-starter (>=0.0.1-RELEASE <=3.2.2), com.github.paulcwarren:spring-content-encryption (>=2.7.0 <=2.9.0) +138 more potentially affected by CVE-2023-20859 via org.springframework.vault:spring-vault-core (>=1.0.0.RELEASE <=2.3.2)
org.springframework.vault:spring-vault-core MAVEN version =1.0.0.RELEASE, =0.0.1-RELEASE, =2.7.0, =0.8, =0.8, =0.8, =0.8, =2.4.0, =0.9.1, =0.9.12, =0.10.2, =1.1.6, =1.2.16 and more Source cves: CVE-2023-20859 Source advisory: OSV:GHSA-R47R-87P9-8JH3...
Bosch Rexroth IndraMotion Mlc has an unspecified vulnerability
Bosch Rexroth IndraMotion Mlc is a new device that combines motion and logic control, as well as robotics control.A security vulnerability exists in Bosch Rexroth IndraMotion Mlc, which stems from a network system or product that does not properly use the relevant cryptographic algorithms, and...
Critical vulnerability in JSON Web Encryption (JWE) - RFC 7516
tl;dr if you are using go-jose, node-jose, jose2go, Nimbus JOSE+JWT or jose4j with ECDH-ES please update to the latest version. RFC 7516 aka JSON Web Encryption JWE hence many software libraries implementing this specification used to suffer from a classic Invalid Curve Attack. This would allow a...
Vulnerability of Firefox and Firefox ESR browsers, allowing attackers to execute arbitrary code
The vulnerability of the stagefright::SampleTable::parseSampleCencInfo function in the libstagefright component of Firefox and Firefox ESR browsers is caused by a buffer overflow in the dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by manipulating CENC...
DEBIAN-CVE-2016-2814
Heap-based buffer overflow in the stagefright::SampleTable::parseSampleCencInfo function in libstagefright in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code via crafted CENC offsets that lead to...
Mozilla Firefox and Firefox ESR libstagefright buffer overflow vulnerability
Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open-source web browser; Firefox ESR is an extended-support version of Firefox. libstagefright is one of the hard-coding support libraries. A buffer overflow vulnerability exist...
Mozilla: Buffer overflow in libstagefright with CENC offsets (MFSA 2016-44)
Heap-based buffer overflow in the stagefright::SampleTable::parseSampleCencInfo function in libstagefright in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code via crafted CENC offsets that lead to...