Lucene search
K

135 matches found

CNNVD
CNNVD
added 2024/05/17 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a buffer over-read in CTR mode...

7.8CVSS6.6AI score0.00249EPSS
Exploits0References8
OSV
OSV
added 2024/04/04 9:15 a.m.8 views

AZL-59490 CVE-2024-26789 affecting package kernel for versions less than 6.6.85.1-1

In the Linux kernel, the following vulnerability has been resolved: crypto: arm64/neonbs - fix out-of-bounds access on short input The bit-sliced implementation of AES-CTR operates on blocks of 128 bytes, and will fall back to the plain NEON version for tail blocks or inputs that are shorter than...

7.1CVSS7AI score0.00226EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/18 12:0 a.m.7 views

PT-2024-10618

Name of the Vulnerable Software and Affected Versions CryptX versions prior to 0.062 Description The issue concerns the CryptX module for Perl, where the functions gcm decrypt verify and chacha20poly1305 decrypt verify do not verify the tag, potentially leading to security issues. Recommendations...

9.8CVSS5.9AI score0.00489EPSS
Exploits0References26
Positive Technologies
Positive Technologies
added 2024/02/19 12:0 a.m.12 views

PT-2024-7687 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to an out-of-bounds access in the crypto: arm64/neonbs component of the Linux kernel, specifically in the bit-sliced implementation of AES-CTR. This implementation...

8CVSS6.5AI score0.08555EPSS
Exploits4References551
CNNVD
CNNVD
added 2024/01/19 12:0 a.m.6 views

Consensys Discovery Security Feature Issue Vulnerability

Consensys Discovery is an open source application from Consensys. A security vulnerability exists in versions of Consensys Discovery prior to 0.4.5 that stems from using the same AES/GCM random number throughout a session...

5.3CVSS6.7AI score0.00489EPSS
Exploits0References5
RustSec
RustSec
added 2023/11/22 12:0 p.m.6 views

Plaintext exposed in decrypt_in_place_detached even on tag verification failure

Summary In the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails. Impact If a program using the aes-gcm crate's decryptinplace APIs accesses the buffer after decryption failure, it will contain a...

5.5CVSS7.1AI score0.00262EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2023/11/14 3:46 p.m.2 views

kernel: crypto: qat - fix out-of-bounds read

An out-of-bounds read vulnerability was found in the Linux kernel's Intel QAT QuickAssist Technology crypto driver. When preparing an AES-CTR encryption request on QAT GEN4 devices, the driver rounds up the key size by 16 bytes before copying. If this rounding occurs before the memcpy operation,...

5.7AI score0.00171EPSS
Exploits0References5
OSV
OSV
added 2023/10/25 6:17 p.m.2 views

ALPINE-CVE-2023-5363

Issue summary: A bug has been identified in the processing of key and initialisation vector IV lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in...

7.5CVSS7AI score0.03332EPSS
Exploits0References1
OSV
OSV
added 2023/09/22 4:11 p.m.32 views

GHSA-423W-P2W9-R7VQ AEADs/aes-gcm: Plaintext exposed in decrypt_in_place_detached even on tag verification failure

Summary In the AES GCM implementation of decryptinplacedetached, the decrypted ciphertext i.e. the correct plaintext is exposed even if tag verification fails. Impact If a program using the aes-gcm crate's decryptinplace APIs accesses the buffer after decryption failure, it will contain a...

4.7CVSS5AI score0.00262EPSS
Exploits1References8
CNNVD
CNNVD
added 2023/09/22 12:0 a.m.5 views

aes-gcm Data Forgery Issue Vulnerability

aes-gcm is a cryptographic algorithm in the aes-gcm open source. Vulnerabilities in aes-gcm versions prior to 0.10.0 to 0.10.3 suffer from a data forgery problem, which stems from the fact that in AES GCM decryption implementations, plaintext is made public in the form of decryptinplacedetached...

5.5CVSS6.7AI score0.00262EPSS
Exploits1References7
OSV
OSV
added 2023/08/24 10:2 p.m.4 views

USN-6307-1 cjose vulnerability

It was discovered that JOSE for C/C++ AES GCM decryption routine incorrectly uses the Tag length from the actual Authentication Tag provided in the JWE. An attacker could use this to cause a denial of service system crash or might expose sensitive information...

8.6CVSS5.8AI score0.006EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2023/08/01 1:45 p.m.5 views

cjose: AES GCM decryption uses the Tag length from the actual Authentication Tag provided in the JWE

A vulnerability was found in cjose. The cjose is a C library implementing the Javascript Object Signing and Encryption JOSE. The AES GCM decryption routine incorrectly uses the tag length from the actual Authentication Tag provided in the JSON Web Encryption JWE. A fixed length of 16 octets must ...

8.6CVSS5.7AI score0.006EPSS
Exploits1References5
OSV
OSV
added 2023/07/29 11:5 a.m.5 views

OESA-2023-1441 cjose security update

Implementation of JOSE for C/C++ Security Fixes: OpenIDC/cjose is a C library implementing the Javascript Object Signing and Encryption JOSE. The AES GCM decryption routine incorrectly uses the Tag length from the actual Authentication Tag provided in the JWE. The spec says that a fixed length of...

8.6CVSS6.9AI score0.006EPSS
Exploits1References2
OSV
OSV
added 2023/07/14 9:15 p.m.8 views

AZL-36936 CVE-2023-37464 affecting package cjose for versions less than 0.6.2.2-7

OpenIDC/cjose is a C library implementing the Javascript Object Signing and Encryption JOSE. The AES GCM decryption routine incorrectly uses the Tag length from the actual Authentication Tag provided in the JWE. The spec says that a fixed length of 16 octets must be applied. Therefore this bug...

7.5CVSS7.1AI score0.006EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2023/06/21 2:46 p.m.7 views

kernel: crypto: qat - fix out-of-bounds read

An out-of-bounds read vulnerability was found in the Linux kernel's Intel QAT QuickAssist Technology crypto driver. When preparing an AES-CTR encryption request on QAT GEN4 devices, the driver rounds up the key size by 16 bytes before copying. If this rounding occurs before the memcpy operation,...

5.7AI score0.00171EPSS
Exploits0References5
OSV
OSV
added 2023/03/15 2:15 p.m.6 views

CVE-2023-26084

The armv8decaesgcmfull API of Arm AArch64cryptolib before 86065c6 fails to the verify the authentication tag of AES-GCM protected data, leading to a man-in-the-middle attack. This occurs because of an improperly initialized variable...

3.7CVSS5.8AI score0.00362EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/03/15 12:0 a.m.9 views

PT-2023-20477 · Arm · Arm Aarch64Cryptolib

Name of the Vulnerable Software and Affected Versions: Arm AArch64cryptolib versions before 86065c6 Description: The issue concerns the armv8 dec aes gcm full API, which fails to verify the authentication tag of AES-GCM protected data. This failure is due to an improperly initialized variable,...

3.7CVSS7.4AI score0.00362EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/03/15 12:0 a.m.6 views

AArch64cryptolib 路径遍历漏洞

AArch64cryptolib is an open source scratch implementation of a cryptographic primitive by Arm Software. A path traversal vulnerability exists in versions prior to AArch64cryptolib 20230220, which stems from the inability of the armv8decaesgcmfull API to validate authentication tags for AES-GCM...

3.7CVSS5.1AI score0.00362EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/20 12:0 a.m.4 views

MediaWiki 安全特征问题漏洞

MediaWiki is a set of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy in-house knowledge management and content management systems.CheckUser extension is one of the user information checking extensions. A security feature issue...

5.3CVSS5.6AI score0.00389EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2022/05/17 12:0 a.m.8 views

The vulnerability of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD), a micro-programming network interface device, allows attackers to gain unauthorized access to protected information.

The vulnerability of Cisco Adaptive Security Appliances ASA and Cisco Firepower Threat Defense FTD, which are microprogramming network devices, is related to encryption deficiencies using the Galois/Counter Mode GCM authentication method. Exploiting this vulnerability can allow an attacker to gai...

7.4CVSS7.2AI score0.00425EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder