Lucene search
+L

155 matches found

NVD
NVD
added 2026/03/16 2:19 p.m.8 views

CVE-2026-32313

xmlseclibs is a library written in PHP for working with XML Encryption and Signatures. Prior to 3.1.5, XML nodes encrypted with either aes-128-gcm, aes-192-gcm, or aes-256-gcm lack validation of the authentication tag length. An attacker can use this to brute-force an authentication tag, recover...

8.2CVSS0.00152EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/03/16 1:44 p.m.6 views

CVE-2026-32600

A flaw was found in xml-security, a library for XML signatures and encryption. This vulnerability arises from a lack of validation for the authentication tag length in XML nodes encrypted with AES-GCM Advanced Encryption Standard Galois/Counter Mode. A remote attacker can exploit this by...

8.2CVSS5.8AI score0.00148EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.9 views

Xmlseclibs 安全漏洞

Xmlseclibs is a library developed by robrichards, written in PHP, for handling XML encryption and signing. Versions of Xmlseclibs prior to 3.1.5 contained security vulnerabilities. These vulnerabilities stemmed from the lack of authentication tag length validation for XML nodes encrypted using...

8.2CVSS5.9AI score0.00152EPSS
Exploits1References3
EUVD
EUVD
added 2026/03/13 8:44 p.m.6 views

EUVD-2026-12099

simplesamlphp/xml-security: Missing AES-GCM Authentication Tag Validation on Encrypted Nodes Allows for Unauthorized Decryption...

8.2CVSS5.8AI score0.00148EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/03/13 8:44 p.m.12 views

simplesamlphp/xml-security: Missing AES-GCM Authentication Tag Validation on Encrypted Nodes Allows for Unauthorized Decryption

Summary XML nodes encrypted with either aes-128-gcm, aes-192-gcm, or aes-256-gcm lack validation of the authentication tag length. An attacker can use this to brute-force an authentication tag, recover the GHASH key, and decrypt the encrypted nodes. It also allows to forge arbitrary ciphertexts...

8.2CVSS5.8AI score0.00148EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/13 8:4 p.m.26 views

xmlseclibs: Missing AES-GCM Authentication Tag Validation on Encrypted Nodes Allows for Unauthorized Decryption

Summary XML nodes encrypted with either aes-128-gcm, aes-192-gcm, or aes-256-gcm lack validation of the authentication tag length. An attacker can use this to brute-force an authentication tag, recover the GHASH key, and decrypt the encrypted nodes. It also allows to forge arbitrary ciphertexts...

8.2CVSS5.8AI score0.00152EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2026/03/13 8:4 p.m.2 views

GHSA-4V26-V6CG-G6F9 xmlseclibs: Missing AES-GCM Authentication Tag Validation on Encrypted Nodes Allows for Unauthorized Decryption

Summary XML nodes encrypted with either aes-128-gcm, aes-192-gcm, or aes-256-gcm lack validation of the authentication tag length. An attacker can use this to brute-force an authentication tag, recover the GHASH key, and decrypt the encrypted nodes. It also allows to forge arbitrary ciphertexts...

8.2CVSS5.8AI score0.00152EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/03/13 7:58 p.m.4 views

CVE-2026-32600

xml-security is a library that implements XML signatures and encryption. Prior to 2.3.1, XML nodes encrypted with either aes-128-gcm, aes-192-gcm, or aes-256-gcm lack validation of the authentication tag length. An attacker can use this to brute-force an authentication tag, recover the GHASH key,...

8.2CVSS5.9AI score0.00148EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/03/13 7:58 p.m.8 views

CVE-2026-32600 xml-security is Missing AES-GCM Authentication Tag Validation on Encrypted Nodes Allows for Unauthorized Decryption

xml-security is a library that implements XML signatures and encryption. Prior to versions 2.3.1 and 1.13.9, XML nodes encrypted with either aes-128-gcm, aes-192-gcm, or aes-256-gcm lack validation of the authentication tag length. An attacker can use this to brute-force an authentication tag,...

8.2CVSS6AI score0.00148EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/03/13 7:50 p.m.3 views

CVE-2026-32313

xmlseclibs is a library written in PHP for working with XML Encryption and Signatures. Prior to 3.1.5, XML nodes encrypted with either aes-128-gcm, aes-192-gcm, or aes-256-gcm lack validation of the authentication tag length. An attacker can use this to brute-force an authentication tag, recover...

8.2CVSS5.9AI score0.00152EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.10 views

xml-security 安全漏洞

xml-security is an open-source library developed by SimpleSAMLphp. Versions prior to 2.3.1 and 1.13.9 of xml-security had security vulnerabilities. These vulnerabilities stemmed from the lack of authentication tag length validation for XML nodes encrypted using aes-128-gcm, aes-192-gcm, or...

8.2CVSS5.9AI score0.00148EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.14 views

PT-2026-25372

Summary XML nodes encrypted with either aes-128-gcm, aes-192-gcm, or aes-256-gcm lack validation of the authentication tag length. An attacker can use this to brute-force an authentication tag, recover the GHASH key, and decrypt the encrypted nodes. It also allows to forge arbitrary ciphertexts...

8.2CVSS5.8AI score0.00152EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.17 views

PT-2026-25375

Summary XML nodes encrypted with either aes-128-gcm, aes-192-gcm, or aes-256-gcm lack validation of the authentication tag length. An attacker can use this to brute-force an authentication tag, recover the GHASH key, and decrypt the encrypted nodes. It also allows to forge arbitrary ciphertexts...

8.2CVSS5.8AI score0.00148EPSS
Exploits1References9
OSV
OSV
added 2026/02/02 9:5 p.m.8 views

GO-2026-4379 gmrtd ReadFile Vulnerable to Denial of Service via Excessive TLV Length Values in github.com/gmrtd/gmrtd

gmrtd ReadFile Vulnerable to Denial of Service via Excessive TLV Length Values in github.com/gmrtd/gmrtd...

6.5CVSS5.3AI score0.00265EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/01/28 12:42 a.m.4 views

kernel: ipv6: Fix out-of-bounds access in ipv6_find_tlv()

An out of bounds OOB memory access flaw was found in the Linux kernel's ipv6 network subsystem. This could allow a local attacker to crash the system or leak kernel internal information...

7.2AI score0.00207EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/01/27 9:8 p.m.33 views

CVE-2026-24738 gmrtd ReadFile Vulnerable to Denial of Service via Excessive TLV Length Values

gmrtd is a Go library for reading Machine Readable Travel Documents MRTDs. Prior to version 0.17.2, ReadFile accepts TLVs with lengths that can range up to 4GB, which can cause unconstrained resource consumption in both memory and cpu cycles. ReadFile can consume an extended TLV with lengths well...

5.9CVSS0.00265EPSS
Exploits0References3
OSV
OSV
added 2026/01/27 9:8 p.m.6 views

CVE-2026-24738 gmrtd ReadFile Vulnerable to Denial of Service via Excessive TLV Length Values

gmrtd is a Go library for reading Machine Readable Travel Documents MRTDs. Prior to version 0.17.2, ReadFile accepts TLVs with lengths that can range up to 4GB, which can cause unconstrained resource consumption in both memory and cpu cycles. ReadFile can consume an extended TLV with lengths well...

5.9CVSS5.8AI score0.00265EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.8 views

MiracleLinux 9 : cjose-0.6.1-13.el9 (AXSA:2023-6285:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-6285:01 advisory. cjose: AES GCM decryption uses the Tag length from the actual Authentication Tag provided in the JWE CVE-2023-37464 Tenable has extracted the preceding...

8.6CVSS5.6AI score0.0071EPSS
Exploits1References2
Hacker One
Hacker One
added 2025/12/13 4:49 p.m.17 views

Node.js: Missing AES-GCM Authentication Tag Validation and Improper Deprecation Handling

Summary: In Node.js' crypto module, the createDecipheriv states that "the authTagLength option defaults to 16 bytes and must be set to a different value if a different length is used." here The authentication tag's length is however not validated against that default value and can be truncated do...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.8 views

TencentOS Server 3: mod_auth_openidc:2.3 (TSSA-2023:0203)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0203 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

8.6CVSS7.4AI score0.0071EPSS
Exploits1References2
Rows per page
Query Builder