Lucene search
K

22 matches found

NVD
NVD
added 2026/06/25 6:16 p.m.9 views

CVE-2026-55967

AES-GCM encryption/decryption with extremely large cumulative single message sizes 64 GiB were not properly rejected by the streaming APIs, allowing counter wrap, keystream reuse, and consequent plaintext recovery...

7.5CVSS0.00114EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/25 4:53 p.m.32 views

CVE-2026-55967 AES-GCM streaming APIs do not reject >64 GiB cumulative single messages, enabling counter wrap and keystream reuse

AES-GCM encryption/decryption with extremely large cumulative single message sizes 64 GiB were not properly rejected by the streaming APIs, allowing counter wrap, keystream reuse, and consequent plaintext recovery...

2CVSS0.00114EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/25 4:53 p.m.5 views

CVE-2026-55967

AES-GCM encryption/decryption with extremely large cumulative single message sizes 64 GiB were not properly rejected by the streaming APIs, allowing counter wrap, keystream reuse, and consequent plaintext recovery...

2CVSS5.8AI score0.00114EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/06/25 4:53 p.m.6 views

EUVD-2026-39493

AES-GCM encryption/decryption with extremely large cumulative single message sizes 64 GiB were not properly rejected by the streaming APIs, allowing counter wrap, keystream reuse, and consequent plaintext recovery...

2CVSS5.8AI score0.00114EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 4:53 p.m.20 views

CVE-2026-55967

CVE-2026-55967 covers AES-GCM streaming APIs that fail to reject extremely large cumulative single messages (>64 GiB), allowing counter wrap and keystream reuse and enabling plaintext recovery. Public documents reference the same issue across multiple OS advisories (Ubuntu, Debian, Debian-deri...

7.5CVSS5.8AI score0.00114EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2026/05/18 12:24 p.m.16 views

bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly

A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The GOSTCTR implementation is unable to securely process more than 255 blocks of data due to keystream reuse. This issue allows an attacker to break the fundamental confidentiality of any data protected by the G3413CTRBlockCiphe...

9.3CVSS5.8AI score0.00313EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/18 12:21 p.m.20 views

bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly

A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The GOSTCTR implementation is unable to securely process more than 255 blocks of data due to keystream reuse. This issue allows an attacker to break the fundamental confidentiality of any data protected by the G3413CTRBlockCiphe...

9.3CVSS5.8AI score0.00313EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/18 12:12 p.m.15 views

bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly

A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The GOSTCTR implementation is unable to securely process more than 255 blocks of data due to keystream reuse. This issue allows an attacker to break the fundamental confidentiality of any data protected by the G3413CTRBlockCiphe...

9.3CVSS5.8AI score0.00313EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/14 4:55 p.m.21 views

bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly

A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The GOSTCTR implementation is unable to securely process more than 255 blocks of data due to keystream reuse. This issue allows an attacker to break the fundamental confidentiality of any data protected by the G3413CTRBlockCiphe...

9.3CVSS5.8AI score0.00313EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/06 5:59 p.m.8 views

bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly

A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The GOSTCTR implementation is unable to securely process more than 255 blocks of data due to keystream reuse. This issue allows an attacker to break the fundamental confidentiality of any data protected by the G3413CTRBlockCiphe...

9.3CVSS5.8AI score0.00313EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/06 5:58 p.m.8 views

bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly

A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The GOSTCTR implementation is unable to securely process more than 255 blocks of data due to keystream reuse. This issue allows an attacker to break the fundamental confidentiality of any data protected by the G3413CTRBlockCiphe...

9.3CVSS5.8AI score0.00313EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/05 7:56 a.m.29 views

bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly

A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The GOSTCTR implementation is unable to securely process more than 255 blocks of data due to keystream reuse. This issue allows an attacker to break the fundamental confidentiality of any data protected by the G3413CTRBlockCiphe...

9.3CVSS5.8AI score0.00313EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/05 3:47 a.m.13 views

bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly

A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The GOSTCTR implementation is unable to securely process more than 255 blocks of data due to keystream reuse. This issue allows an attacker to break the fundamental confidentiality of any data protected by the G3413CTRBlockCiphe...

9.3CVSS5.8AI score0.00313EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/05 3:47 a.m.8 views

bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly

A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The GOSTCTR implementation is unable to securely process more than 255 blocks of data due to keystream reuse. This issue allows an attacker to break the fundamental confidentiality of any data protected by the G3413CTRBlockCiphe...

9.3CVSS5.8AI score0.00313EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/28 4:36 p.m.7 views

CVE-2025-14813

A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The GOSTCTR implementation is unable to securely process more than 255 blocks of data due to keystream reuse. This issue allows an attacker to break the fundamental confidentiality of any data protected by the G3413CTRBlockCiphe...

9.3CVSS5.3AI score0.00313EPSS
Exploits0References4
OSV
OSV
added 2026/04/17 6:31 p.m.4 views

GHSA-574F-3G2M-X479 Bouncy Castle for Java GOST 28147 CTR mode reuses keystream after 255 blocks

The GOST 28147-2015 CTR mode implementation G3413CTRBlockCipher in the Legion of the Bouncy Castle BC-JAVA bcprov core module only increments the final byte of the counter, so the counter wraps after 255 blocks and the keystream is reused. Reusing CTR keystream allows an attacker who can observe...

9.3CVSS7.3AI score0.00313EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2019-11840

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the supplementary Go cryptography library, golang.org/x/crypto, before v0.0.0-20190320223903-b7391e95e576. A flaw was found in the...

5.9CVSS6.8AI score0.03437EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/10/19 10:15 a.m.9 views

CVE-2022-24401

Adversary-induced keystream re-use on TETRA air-interface encrypted traffic using any TEA keystream generator. IV generation is based upon several TDMA frame counters, which are frequently broadcast by the infrastructure in an unauthenticated manner. An active adversary can manipulate the view of...

8.8CVSS7.5AI score0.00335EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/07/25 12:0 a.m.5 views

PT-2023-12749 · Tetra · Tetra

Name of the Vulnerable Software and Affected Versions: TETRA affected versions not specified Description: The issue concerns adversary-induced keystream re-use on TETRA air-interface encrypted traffic using any TEA keystream generator. IV generation is based upon several TDMA frame counters, whic...

8.8CVSS8AI score0.00335EPSS
Exploits0References8
The Hacker News
The Hacker News
added 2020/08/13 1:9 p.m.6 views

New Attack Lets Hackers Decrypt VoLTE Encryption to Spy on Phone Calls

A team of academic researchers—who previously made the headlines earlier this year for uncovering severe security issues in the 4G LTE and 5G networks—today presented a new attack called 'ReVoLTE ,' that could let remote attackers break the encryption used by VoLTE voice calls and spy on targeted...

5.8AI score
Exploits0
Rows per page
Query Builder