261 matches found
CVE-2026-21383 Reusing a Nonce, Key Pair in Encryption in HLOS
Cryptographic Issue when using a static initialization vector for AES-GCM key wrapping, which requires a unique value for each call to ensure security...
CVE-2026-21383
CVE-2026-21383 describes a cryptographic issue in which AES-GCM key wrapping uses a static initialization vector (IV). The static IV conflicts with the requirement for a unique IV per operation, which can undermine confidentiality and integrity. The CVSS 3.1 metrics provided indicate a high impac...
OESA-2026-2875 edk2 security update
EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: When an application drives an AES-OCB context through the public EVPCipher one-shot interface, the application-supplied initialisation vector IV is...
CVE-2026-59099 Apereo CAS 7.3.0 < 8.0.0-RC6 - AES-GCM Nonce Reuse Information Disclosure
Apereo CAS 7.3.0 before 8.0.0-RC6 contains a cryptographic vulnerability that allows remote unauthenticated attackers to recover plaintext conversation state by exploiting AES-GCM initialization vector reuse across the server lifetime. Attackers can collect multiple client-side webflow execution...
CVE-2026-59099
Apereo CAS: vulnerability in 7.3.0 prior to 8.0.0-RC6 due to AES-GCM IV reuse across server lifetime, enabling remote unauthenticated attackers to recover plaintext webflow conversation state by known-plaintext analysis on multiple client-side webflow tokens collected from the unauthenticated log...
EUVD-2026-40449
ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploit nonce reuse in the cipher implementation to recover plaintext information from encrypted images...
Linux Distros Unpatched Vulnerability : CVE-2026-56369
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploi...
DEBIAN-CVE-2026-56369
ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploit nonce reuse in the cipher implementation to recover plaintext information from encrypted images...
CVE-2026-56369
ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploit nonce reuse in the cipher implementation to recover plaintext information from encrypted images...
CVE-2026-56369
Removed by vendor...
CVE-2026-56369
CVE-2026-56369 concerns ImageMagick prior to 7.1.2-22, where an information-disclosure vulnerability arises in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers could potentially recover plaintext from encrypted images because the nonce is reused in the CTR mode. The available...
CVE-2026-56369 ImageMagick - Information Disclosure via AES-CTR Nonce Reuse in PasskeyEncipherImage
ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploit nonce reuse in the cipher implementation to recover plaintext information from encrypted images...
CVE-2026-12205
A flaw was found in Crypt::DSA, a Perl module for Digital Signature Algorithm DSA cryptography. This vulnerability occurs because the software reuses a unique random number, known as a nonce, for multiple digital signatures generated with the same cryptographic key. An attacker could exploit this...
EUVD-2026-37016
Crypt::DSA versions before 1.21 for Perl reused the nonce across signatures, leading to private-key recovery. Crypt::DSA::sign caches the per-signature nonce material in the Key object without ever clearing it. The first sign on a Key object picks a nonce, and every later sign on that same object...
CVE-2026-12205
Crypt::DSA versions before 1.21 for Perl reused the nonce across signatures, leading to private-key recovery. Crypt::DSA::sign caches the per-signature nonce material in the Key object without ever clearing it. The first sign on a Key object picks a nonce, and every later sign on that same object...
CVE-2026-12205 Crypt::DSA versions before 1.21 for Perl reused the nonce across signatures, leading to private-key recovery
Crypt::DSA versions before 1.21 for Perl reused the nonce across signatures, leading to private-key recovery. Crypt::DSA::sign caches the per-signature nonce material in the Key object without ever clearing it. The first sign on a Key object picks a nonce, and every later sign on that same object...
CVE-2026-12205
Crypt::DSA for Perl versions before 1.21 reuse the per-signature nonce across signatures because the sign() function caches nonce data in the Key object and does not clear it. The first sign() selects a nonce and later signs reuse that nonce, producing identical r values, enabling potential priva...
CVE-2026-12205
Crypt::DSA versions before 1.21 for Perl reused the nonce across signatures, leading to private-key recovery. Crypt::DSA::sign caches the per-signature nonce material in the Key object without ever clearing it. The first sign on a Key object picks a nonce, and every later sign on that same object...
Linux Distros Unpatched Vulnerability : CVE-2026-12205
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypt::DSA versions before 1.21 for Perl reused the nonce across signatures, leading to private-key recovery. Crypt::DSA::sign caches the per-signature nonce...
PT-2026-49531
Name of the Vulnerable Software and Affected Versions Crypt::DSA versions prior to 1.21 Description The software reuses the nonce across signatures, which can lead to the recovery of the private key. The sign function in the Crypt::DSA::sign module caches the per-signature nonce material within t...