Lucene search
+L

15 matches found

nvd
nvd
added 2026/06/25 10:17 p.m.11 views

CVE-2026-6329

PKCS12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS12 verify path compared the locally computed HMAC against the MAC parsed from the PKCS12 structure using a length taken directly fr...

6.5CVSS0.0016EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/25 9:2 p.m.33 views

CVE-2026-6329 PKCS#12 MAC verification uses attacker-controlled comparison length

PKCS12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS12 verify path compared the locally computed HMAC against the MAC parsed from the PKCS12 structure using a length taken directly fr...

6CVSS0.0016EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.14 views

PT-2026-52602

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description PKCS12 MAC verification uses a comparison length controlled by an attacker, which weakens the integrity check on the Message Authentication Code MAC and allows a...

6.5CVSS5.8AI score0.0016EPSS
Exploits0References9
mscve
mscve
added 2026/05/28 8:6 a.m.10 views

crypto: authencesn - reject short ahash digests during instance creation

...

7.3CVSS5.4AI score0.00129EPSS
Exploits0
cnnvd
cnnvd
added 2026/05/27 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of verification of the hash digest length during the creation of authentication instance...

5.8AI score0.00129EPSS
Exploits0References5
osv
osv
added 2026/05/02 12:0 p.m.7 views

RUSTSEC-2026-0132 Potential out-of-bounds write via public `Context` fields

The Context struct has all fields public pub dlen, pub digest, etc.. Code from other modules within the same crate can directly modify dlen to a value exceeding the digest vector length. When reset is subsequently called, self.digestself.dlen as usize = 0 becomes an out-of-bounds write. Withdrawa...

5.8AI score
Exploits0References3
nessus
nessus
added 2025/08/20 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-24754

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer...

9.8CVSS8AI score0.02065EPSS
Exploits0References2
astralinux
astralinux
added 2025/02/11 7:35 a.m.6 views

Astra Linux – Vulnerability in rsync

A heap-based buffer overflow flaw was discovered in the rsync daemon. This issue arises due to improper handling of the attacker-controlled checksum length s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write data beyond the buffer’s boundaries...

9.8CVSS7.5AI score0.72059EPSS
Exploits4References3
osv
osv
added 2025/01/15 3:15 p.m.6 views

AZL-55646 CVE-2024-12084 affecting package rsync for versions less than 3.4.1-1

A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer...

9.8CVSS7.6AI score0.72059EPSS
Exploits4References1
osv
osv
added 2025/01/15 3:15 p.m.4 views

ALPINE-CVE-2024-12084

A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer...

9.8CVSS7.2AI score0.72059EPSS
Exploits4References1
osv
osv
added 2025/01/15 3:15 p.m.4 views

DEBIAN-CVE-2024-12084

A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer...

9.8CVSS8.9AI score0.72059EPSS
Exploits4References1
osv
osv
added 2025/01/15 3:15 p.m.8 views

AZL-55691 CVE-2024-12084 affecting package rsync for versions less than 3.4.1-1

A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer...

9.8CVSS7.6AI score0.72059EPSS
Exploits4References1
osv
osv
added 2025/01/09 12:0 a.m.8 views

UBUNTU-CVE-2024-12084

A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer...

9.8CVSS7.5AI score0.72059EPSS
Exploits4References7
osv
osv
added 2022/03/11 8:15 p.m.6 views

ALPINE-CVE-2022-24754

PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerability which only impacts PJSIP users who accept hashed digest credentials credentials with datatype PJSIPCREDDATADIGEST...

9.8CVSS7AI score0.02065EPSS
Exploits0References1
osv
osv
added 2022/03/11 8:15 p.m.3 views

DEBIAN-CVE-2022-24754

PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerability which only impacts PJSIP users who accept hashed digest credentials credentials with datatype PJSIPCREDDATADIGEST...

9.8CVSS7AI score0.02065EPSS
Exploits0References1
Rows per page
Query Builder