CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2026/04/01 12:0 a.m.•2 views

Mbed TLS 安全漏洞

Mbed TLS is an open-source, portable, easy-to-use, readable, and flexible SSL library developed by Mbed TLS. Mbed TLS versions 4.0.0 and earlier, as well as TF-PSA-Crypto versions 1.0.0 and earlier, have security vulnerabilities. These vulnerabilities stem from compiler-induced timing side...

5.1CVSS5.8AI score0.00024EPSS

Exploits0References4

Snyk•added 2026/04/01 12:0 a.m.•0 views

Covert Timing Channel

Overview Affected versions of this package are vulnerable to Covert Timing Channel via timing differences in RSA and CBC/ECB decryption operations when the LLVM compiler's select-optimize feature is enabled. An attacker can infer sensitive information, such as cryptographic keys, by analyzing the...

5.9CVSS5.8AI score0.00024EPSS

Snyk•added 2026/03/30 10:36 p.m.•1 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the SM2 decryption process due to improper validation of the encoded C3 hash field length prior to comparison. An attacker can cause a heap buffer over-read, potentially leading to a crash or other undefined...

8.8CVSS6AI score0.00065EPSS

NVD•added 2026/03/30 9:17 p.m.•1 views

CVE-2026-32877

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

8.2CVSS0.00065EPSS

OSV•added 2026/03/30 9:17 p.m.•2 views

DEBIAN-CVE-2026-32877

8.2CVSS5.4AI score0.00065EPSS

OSV•added 2026/03/30 9:17 p.m.•1 views

UBUNTU-CVE-2026-32877

8.2CVSS5.7AI score0.00065EPSS

Exploits0References3

UbuntuCve•added 2026/03/30 9:17 p.m.•1 views

CVE-2026-32877

Vulnrichment•added 2026/03/30 8:36 p.m.•0 views

CVE-2026-32877 Botan: Heap Buffer Over-read in SM2 Decryption via Undersized C3 Hash Field

EUVD•added 2026/03/30 8:36 p.m.•0 views

EUVD-2026-17210

Cvelist•added 2026/03/30 8:36 p.m.•18 views

CVE-2026-32877 Botan: Heap Buffer Over-read in SM2 Decryption via Undersized C3 Hash Field

8.2CVSS0.00065EPSS

ATTACKERKB•added 2026/03/30 8:36 p.m.•1 views

CVE-2026-32877

Exploits0References2Affected Software1

OSV•added 2026/03/30 8:36 p.m.•3 views

CVE-2026-32877 Botan: Heap Buffer Over-read in SM2 Decryption via Undersized C3 Hash Field

Debian CVE•added 2026/03/30 8:36 p.m.•1 views

Exploits0References3

CVE-2026-32877

8.2CVSS5.3AI score0.00065EPSS

Exploits0

AlpineLinux•added 2026/03/30 8:36 p.m.•1 views

CVE-2026-32877

8.2CVSS5.7AI score0.00065EPSS

OSV•added 2026/03/30 2:26 p.m.•1 views

SUSE-SU-2026:20983-1 Security update for postgresql16

This update for postgresql16 fixes the following issues: - Update to versio 16.13. bsc1258754 - CVE-2026-2003: Guard against unexpected dimensions of oidvector/int2vector bsc1258008 - CVE-2026-2004: Harden selectivity estimators against being attached to operators that accept unexpected data type...

8.8CVSS6AI score0.00059EPSS

Exploits3References10

CNNVD•added 2026/03/30 12:0 a.m.•3 views

Botan 缓冲区错误漏洞

Botan is a C++ encryption library developed by Jack Lloyd as an individual project. Versions of Botan from 2.3.0 to 3.11.0 contained a buffer error vulnerability. This vulnerability stemmed from the failure to check the expected length of the authentication code value during the SM2 decryption...

8.2CVSS6AI score0.00065EPSS