135 matches found
EUVD-2026-41930
Cryptographic Issue when using a static initialization vector for AES-GCM key wrapping, which requires a unique value for each call to ensure security...
PT-2026-55992
Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description A cryptographic issue exists when using a static initialization vector IV for AES-GCM key wrapping. AES-GCM requires a unique IV for every call to maintain...
EUVD-2026-40449
ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploit nonce reuse in the cipher implementation to recover plaintext information from encrypted images...
DEBIAN-CVE-2026-56369
ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploit nonce reuse in the cipher implementation to recover plaintext information from encrypted images...
PT-2026-54045
Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-22 Description An information disclosure issue exists in the PasskeyEncipherImage method. The flaw is caused by the reuse of a nonce a unique number used once in the AES-CTR cipher implementation. This allow...
DEBIAN-CVE-2026-13758
CryptX versions before 0.088001 for Perl compare AEAD authentication tags in non-constant time in the streaming decryptdone path. The decryptdone$tag form compares it against the computed tag with memNE memcmp != 0, which short-circuits on the first differing byte, so its run time depends on the...
UBUNTU-CVE-2026-13758
CryptX versions before 0.088001 for Perl compare AEAD authentication tags in non-constant time in the streaming decryptdone path. The decryptdone$tag form compares it against the computed tag with memNE memcmp != 0, which short-circuits on the first differing byte, so its run time depends on the...
CVE-2026-13758
CryptX versions before 0.088001 for Perl compare AEAD authentication tags in non-constant time in the streaming decryptdone path. The decryptdone$tag form compares it against the computed tag with memNE memcmp != 0, which short-circuits on the first differing byte, so its run time depends on the...
EUVD-2026-39493
AES-GCM encryption/decryption with extremely large cumulative single message sizes 64 GiB were not properly rejected by the streaming APIs, allowing counter wrap, keystream reuse, and consequent plaintext recovery...
CVE-2026-57062
CVE-2026-57062: The CMS parsing in GnuPG’s gpgsm (up to version 2.5.20) mishandles AES-GCM when processing CMS structures, accepting an aes-ICVlen of 4 bytes instead of the required 12. This is a component/format handling flaw in GnuPG’s CMS implementation. The CVE record cites a related issue (C...
CVE-2026-41565
CryptX versions before 0.088001 for Perl have a stack buffer overflow in four AEAD decryptverify helpers. The gcmdecryptverify, ccmdecryptverify, chacha20poly1305decryptverify and eaxdecryptverify XS routines copied the caller-supplied authentication tag into a fixed 144-byte stack buffer...
PT-2026-44386
Name of the Vulnerable Software and Affected Versions CryptX versions prior to 0.088 001 Description A stack buffer overflow exists in four AEAD decrypt verify helpers. The XS routines gcm decrypt verify, ccm decrypt verify, chacha20poly1305 decrypt verify, and eax decrypt verify copy a...
Insecure Randomness
Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
GHSA-QV2Q-C278-PCH5 ImageMagick: Information Disclosure in PasskeyEncipherImage via AES-CTR nonce reuse
The PasskeyEncipherImage method is vulnerable to information disclosure via AES-CTR nonce reuse. ImageMagick has update the documentation on its website to make it more clear that this is happening: https://imagemagick.org/cipher/...
Insecure Randomness
Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
ImageMagick: Information Disclosure in PasskeyEncipherImage via AES-CTR nonce reuse
The PasskeyEncipherImage method is vulnerable to information disclosure via AES-CTR nonce reuse. ImageMagick has update the documentation on its website to make it more clear that this is happening: https://imagemagick.org/cipher/...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: crypto: arm64/neonbs – fixed an issue of out-of-bounds access due to short inputs. The bit-sliced implementation of AES-CTR operates on blocks of 128 bytes. For tail blocks or inputs that are shorter than 128 bytes, it will fall...
bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly
A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The GOSTCTR implementation is unable to securely process more than 255 blocks of data due to keystream reuse. This issue allows an attacker to break the fundamental confidentiality of any data protected by the G3413CTRBlockCiphe...
Astro 安全漏洞
Astro is a content-driven website framework developed by Astro OpenSource. Versions of Astro prior to 6.1.10 contained security vulnerabilities. These vulnerabilities stemmed from the use of AES-GCM encryption to protect server island attributes and slot parameters, where the ciphertext was not...
PT-2026-48611
Name of the Vulnerable Software and Affected Versions FreeBSD affected versions not specified Description A local privilege escalation issue exists in FreeBSD kTLS-RX. The flaw allows a local user to overwrite files they have read access to by utilizing in-place AES-GCM decryption over sendfile2...