Mozilla Rust has an unspecified vulnerability (CNVD-2022-03129)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation.A security vulnerability exists in versions of Rust crypto2 crate prior to 2021-10-08, which stems from a possible unaligned read of u32 during Chacha20 encryption and decryption. No details of the vulnerability...

CVE-2021-4161

CVE-2021-4161 affects MOXA MGate MB3180/MB3280/MB3480 Series Protocol Gateways. Vulnerable firmware versions include MB3180 (≤2.2), MB3280 (≤4.1), and MB3480 (≤3.2). The flaw allows cleartext transmission of sensitive information, enabling an attacker to sniff traffic and decrypt login credential...

Rust 缓冲区错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation.A security vulnerability exists in versions of Rust crypto2 crate prior to 2021-10-08, which stems from a possible unaligned read of u32 during Chacha20 encryption and decryption. No details of the vulnerability...

CVE-2021-45709

An issue was discovered in the crypto2 crate through 2021-10-08 for Rust. During Chacha20 encryption and decryption, an unaligned read of a u32 may occur...

CVE-2021-45709

CVE-2021-45709 affects the crypto2 crate for Rust up to 2021-10-08, where during ChaCha20 encryption/decryption an unaligned read of a u32 may occur. Related sources (OSV/GHSA/RUSTSEC) describe the root cause as incorrect assumptions about 4-byte alignment in an unsafe slice::from_raw_parts_mut c...

Vulnerability found in Moxa MGate

A vulnerability has been found in Moxa MGate. The vulnerability allows an unauthenticated remote malicious person to obtain obtain sensitive data. The vulnerable Moxa MGate series have vulnerable firmware that makes it possible for an attacker to intercept the traffic and then decrypt the login...

Moxa MGate 多款产品安全漏洞

MOXA Moxa MGate MB3280 and Moxa MGate MB3480 are both products of MOXA Corporation, Taiwan, China.Moxa MGate MB3280 is a MB3280 series Ethernet gateway product.Moxa MGate MB3480 is a MB3480 series Ethernet gateway product. A security vulnerability exists in the Moxa MGate MB3180/MB3280/MB3480...

CVE-2021-45451

In Mbed TLS before 3.1.0, psaaeadgeneratenonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application...

CVE-2021-45451

In Mbed TLS before 3.1.0, psaaeadgeneratenonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application...

CVE-2021-45450

In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psaciphergenerateiv and psacipherencrypt allow policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application...

CVE-2021-45450

In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psaciphergenerateiv and psacipherencrypt allow policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application...

UBUNTU-CVE-2021-45450

In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psaciphergenerateiv and psacipherencrypt allow policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application...

Buffer overflow

In Mbed TLS before 3.1.0, psaaeadgeneratenonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application...

UBUNTU-CVE-2021-45451

In Mbed TLS before 3.1.0, psaaeadgeneratenonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application...

CVE-2021-45450

In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psaciphergenerateiv and psacipherencrypt allow policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application...

CVE-2021-45451

In Mbed TLS before 3.1.0, psaaeadgeneratenonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application...

Buffer overflow

In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psaciphergenerateiv and psacipherencrypt allow policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application...

CVE-2021-45450

In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psaciphergenerateiv and psacipherencrypt allow policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application...

ARM mbed TLS 加密问题漏洞

ARM mbed TLS is a product from ARM UK that provides secure communication and encryption capabilities for mbed products. A security vulnerability exists in Mbed TLS versions prior to 3.1.0 that stems from psaaeadgeneratenonce allows policy bypass or oracle-based decryption that can be accessed by...

CVE-2021-45451

CVE-2021-45451 affects Mbed TLS prior to 3.1.0. The flaw is in psa_aead_generate_nonce, which can enable policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted app. The vulnerability is tied to how nonces are generated for AEAD operations...