Lucene search
K

137 matches found

CNNVD
CNNVD
added 2026/05/13 12:0 a.m.21 views

Astro 安全漏洞

Astro is a content-driven website framework developed by Astro OpenSource. Versions of Astro prior to 6.1.10 contained security vulnerabilities. These vulnerabilities stemmed from the use of AES-GCM encryption to protect server island attributes and slot parameters, where the ciphertext was not...

6.3CVSS5.7AI score0.00144EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.34 views

PT-2026-48611

Name of the Vulnerable Software and Affected Versions FreeBSD affected versions not specified Description A local privilege escalation issue exists in FreeBSD kTLS-RX. The flaw allows a local user to overwrite files they have read access to by utilizing in-place AES-GCM decryption over sendfile2...

7.8CVSS5.8AI score0.00154EPSS
Exploits0References16
RedHat Linux
RedHat Linux
added 2026/05/06 5:58 p.m.8 views

bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly

A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The GOSTCTR implementation is unable to securely process more than 255 blocks of data due to keystream reuse. This issue allows an attacker to break the fundamental confidentiality of any data protected by the G3413CTRBlockCiphe...

9.3CVSS5.8AI score0.00313EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/05 3:47 a.m.13 views

bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly

A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The GOSTCTR implementation is unable to securely process more than 255 blocks of data due to keystream reuse. This issue allows an attacker to break the fundamental confidentiality of any data protected by the G3413CTRBlockCiphe...

9.3CVSS5.8AI score0.00313EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/05 3:47 a.m.8 views

bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly

A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The GOSTCTR implementation is unable to securely process more than 255 blocks of data due to keystream reuse. This issue allows an attacker to break the fundamental confidentiality of any data protected by the G3413CTRBlockCiphe...

9.3CVSS5.8AI score0.00313EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.9 views

Cisco Firepower Threat Defense (FTD) Software ESP Packet Processing DoS (cisco-sa-asaftd-esp-dos-uv7yD8P5)

According to its self-reported version, Cisco Secure Firewall Threat Defense FTD Software is affected by a vulnerability. - A vulnerability in the processing of Galois/Counter Mode GCM-encrypted Internet Key Exchange version 2 IKEv2 IPsec traffic of Cisco Secure Firewall Adaptive Security Applian...

7.7CVSS5.9AI score0.00292EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.4 views

Cisco Adaptive Security Appliance (ASA) Software ESP Packet Processing DoS (cisco-sa-asaftd-esp-dos-uv7yD8P5)

According to its self-reported version, Cisco ASA Software is affected by a vulnerability. - A vulnerability in the processing of Galois/Counter Mode GCM-encrypted Internet Key Exchange version 2 IKEv2 IPsec traffic of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secur...

7.7CVSS5.9AI score0.00292EPSS
Exploits0References4
OSV
OSV
added 2026/04/14 1:10 p.m.9 views

JLSEC-2026-108 Deno's AES GCM authentication tags are not verified

Summary This affects AES-256-GCM and AES-128-GCM in Deno, introduced by commit 0d1beed. Specifically, the authentication tag is not being validated. This means tampered ciphertexts or incorrect keys might not be detected, which breaks the guarantees expected from AES-GCM. Older versions of Deno...

8.7CVSS5.7AI score0.0024EPSS
Exploits1References7
Cvelist
Cvelist
added 2026/04/10 3:10 a.m.28 views

CVE-2026-5500 Improper Validation of AES-GCM Authentication Tag Length in PKCS#7 Envelope Allows Authentication Bypass

wolfSSL's wcPKCS7DecodeAuthEnvelopedData does not properly sanitize the AES-GCM authentication tag length received and has no lower bounds check. A man-in-the-middle can therefore truncate the mac field from 16 bytes to 1 byte, reducing the tag check from 2⁻¹²⁸ to 2⁻⁸...

8.7CVSS0.00355EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.3 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006771)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006771 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode When processing the last block, the s390 ctr...

7.8CVSS6.6AI score0.00249EPSS
Exploits0References4
NVD
NVD
added 2026/03/16 2:19 p.m.6 views

CVE-2026-32600

xml-security is a library that implements XML signatures and encryption. Prior to versions 2.3.1 and 1.13.9, XML nodes encrypted with either aes-128-gcm, aes-192-gcm, or aes-256-gcm lack validation of the authentication tag length. An attacker can use this to brute-force an authentication tag,...

8.2CVSS0.00148EPSS
Exploits1References3
Snyk
Snyk
added 2026/03/13 10:41 p.m.4 views

Improper Validation of Integrity Check Value

Overview robrichards/xmlseclibs is a PHP library for XML Security. Affected versions of this package are vulnerable to Improper Validation of Integrity Check Value in the decryptSymmetric function, when checking tag length for the aes-128-gcm, aes-192-gcm, and aes-256-gcm encryption algorithms. A...

8.2CVSS5.9AI score0.00152EPSS
Exploits1References2
OSV
OSV
added 2026/03/13 8:44 p.m.7 views

GHSA-R353-4845-PR5P simplesamlphp/xml-security: Missing AES-GCM Authentication Tag Validation on Encrypted Nodes Allows for Unauthorized Decryption

Summary XML nodes encrypted with either aes-128-gcm, aes-192-gcm, or aes-256-gcm lack validation of the authentication tag length. An attacker can use this to brute-force an authentication tag, recover the GHASH key, and decrypt the encrypted nodes. It also allows to forge arbitrary ciphertexts...

8.2CVSS5.8AI score0.00148EPSS
Exploits1References5
CVE
CVE
added 2026/03/13 7:58 p.m.32 views

CVE-2026-32600

XML-Security library (xml-security) is affected in versions prior to 2.3.1 and 1.13.9 where AES-GCM encrypted XML nodes do not validate the authentication tag length. This can allow an attacker to brute-force the authentication tag, recover the GHASH key, decrypt encrypted nodes, and forge cipher...

8.2CVSS5.9AI score0.00148EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/13 7:50 p.m.3 views

CVE-2026-32313 xmlseclibs is Missing AES-GCM Authentication Tag Validation on Encrypted Nodes Allows for Unauthorized Decryption

xmlseclibs is a library written in PHP for working with XML Encryption and Signatures. Prior to 3.1.5, XML nodes encrypted with either aes-128-gcm, aes-192-gcm, or aes-256-gcm lack validation of the authentication tag length. An attacker can use this to brute-force an authentication tag, recover...

8.2CVSS5.9AI score0.00152EPSS
Exploits1References3
OSV
OSV
added 2026/03/13 7:50 p.m.4 views

CVE-2026-32313 xmlseclibs is Missing AES-GCM Authentication Tag Validation on Encrypted Nodes Allows for Unauthorized Decryption

xmlseclibs is a library written in PHP for working with XML Encryption and Signatures. Prior to 3.1.5, XML nodes encrypted with either aes-128-gcm, aes-192-gcm, or aes-256-gcm lack validation of the authentication tag length. An attacker can use this to brute-force an authentication tag, recover...

8.2CVSS5.9AI score0.00152EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.10 views

xml-security 安全漏洞

xml-security is an open-source library developed by SimpleSAMLphp. Versions prior to 2.3.1 and 1.13.9 of xml-security had security vulnerabilities. These vulnerabilities stemmed from the lack of authentication tag length validation for XML nodes encrypted using aes-128-gcm, aes-192-gcm, or...

8.2CVSS5.9AI score0.00148EPSS
Exploits1References4
EUVD
EUVD
added 2026/03/04 6:31 p.m.7 views

EUVD-2026-9436

A vulnerability in the processing of Galois/Counter Mode GCM-encrypted Internet Key Exchange version 2 IKEv2 IPsec traffic of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker to cause...

7.7CVSS6AI score0.00292EPSS
Exploits0References2
NVD
NVD
added 2026/03/04 6:16 p.m.11 views

CVE-2026-20049

A vulnerability in the processing of Galois/Counter Mode GCM-encrypted Internet Key Exchange version 2 IKEv2 IPsec traffic of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker to cause...

7.7CVSS0.00292EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/04 5:22 p.m.33 views

CVE-2026-20049

A vulnerability in the processing of Galois/Counter Mode GCM-encrypted Internet Key Exchange version 2 IKEv2 IPsec traffic of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker to cause...

7.7CVSS0.00292EPSS
Exploits0References1
Rows per page
Query Builder