Lucene search
K

155 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/22 2:31 a.m.4 views

CVE-2026-46597

An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs...

5.8AI score0.00054EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/03/16 1:44 p.m.3 views

CVE-2026-32600

A flaw was found in xml-security, a library for XML signatures and encryption. This vulnerability arises from a lack of validation for the authentication tag length in XML nodes encrypted with AES-GCM Advanced Encryption Standard Galois/Counter Mode. A remote attacker can exploit this by...

8.2CVSS5.8AI score0.00022EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/01/28 10:8 a.m.2 views

openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax CMS message with an oversized Initialization Vector IV when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated...

8.8CVSS6.3AI score0.02889EPSS
Exploits7References4
Tenable Nessus
Tenable Nessus
added 2026/01/27 12:0 a.m.1 views

Linux Distros Unpatched Vulnerability : CVE-2025-15467

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact...

8.8CVSS8AI score0.02889EPSS
Exploits7References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-5388

Malware in sbrugna...

4.3CVSS6.4AI score0.00397EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2017-16797

Malware in sbrugna...

5.3CVSS7.3AI score0.00451EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-0050

Malware in sbrugna...

8.1CVSS7.9AI score0.00078EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-0887

Malicious code in bioql PyPI...

2.5CVSS4.9AI score0.00141EPSS
Exploits1References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-29958

Malicious code in bioql PyPI...

3.7CVSS5AI score0.00232EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.1 views

Linux Distros Unpatched Vulnerability : CVE-2025-27498

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - aes-gcm is a pure Rust implementation of the AES-GCM. In decryptinplacedetached, the decrypted ciphertext which is the correct ciphertext is exposed even if the...

5.6CVSS5.8AI score0.00036EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/08 12:6 a.m.10 views

CVE-2025-54887 jwe: Missing AES-GCM authentication tag validation in encrypted JWEs

jwe is a Ruby implementation of the RFC 7516 JSON Web Encryption JWE standard. In versions 1.1.0 and below, authentication tags of encrypted JWEs can be brute forced, which may result in loss of confidentiality for those JWEs and provide ways to craft arbitrary JWEs. This puts users at risk becau...

9.1CVSS0.0004EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 5:11 p.m.7 views

CVE-2020-8897

A weak robustness vulnerability exists in the AWS Encryption SDKs for Java, Python, C and Javalcript prior to versions 2.0.0. Due to the non-committing property of AES-GCM and other AEAD ciphers such as AES-GCM-SIV or XChaCha20Poly1305 used by the SDKs to encrypt messages, an attacker can craft a...

8.1CVSS6.7AI score0.00078EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:12 a.m.7 views

CVE-2013-5548

The IKEv2 implementation in Cisco IOS, when AES-GCM or AES-GMAC is used, allows remote attackers to bypass certain IPsec anti-replay features via IPsec tunnel traffic, aka Bug ID CSCuj47795...

4.3CVSS7.1AI score0.00397EPSS
Exploits0References1
NVD
NVD
added 2025/03/03 5:15 p.m.7 views

CVE-2025-27498

aes-gcm is a pure Rust implementation of the AES-GCM. In decryptinplacedetached, the decrypted ciphertext which is the correct ciphertext is exposed even if the tag is incorrect. This is because in decryptinplace in asconcore.rs, tag verification causes an error to be returned with the plaintext...

5.6CVSS0.00036EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2024/10/24 3:57 p.m.11 views

CVE-2024-50382

Botan before 3.6.0, when certain LLVM versions are used, has compiler-induced secret-dependent control flow in lib/utils/ghash/ghash.cpp in GHASH in AES-GCM. There is a branch instead of an XOR with carry. This was observed for Clang in LLVM 15 on RISC-V...

5.9CVSS6.8AI score0.00157EPSS
Exploits1References7
NVD
NVD
added 2024/10/23 5:15 p.m.10 views

CVE-2024-50382

Botan before 3.6.0, when certain LLVM versions are used, has compiler-induced secret-dependent control flow in lib/utils/ghash/ghash.cpp in GHASH in AES-GCM. There is a branch instead of an XOR with carry. This was observed for Clang in LLVM 15 on RISC-V...

5.9CVSS0.00157EPSS
Exploits1References4
OSV
OSV
added 2024/10/23 5:15 p.m.8 views

CVE-2024-50382

Botan before 3.6.0, when certain LLVM versions are used, has compiler-induced secret-dependent control flow in lib/utils/ghash/ghash.cpp in GHASH in AES-GCM. There is a branch instead of an XOR with carry. This was observed for Clang in LLVM 15 on RISC-V...

5.9CVSS6.8AI score
Exploits0References4
Cvelist
Cvelist
added 2024/10/23 12:0 a.m.13 views

CVE-2024-50382

Botan before 3.6.0, when certain LLVM versions are used, has compiler-induced secret-dependent control flow in lib/utils/ghash/ghash.cpp in GHASH in AES-GCM. There is a branch instead of an XOR with carry. This was observed for Clang in LLVM 15 on RISC-V...

0.00157EPSS
Exploits1References4
CVE
CVE
added 2024/10/23 12:0 a.m.66 views

CVE-2024-50382

CVE-2024-50382 affects Botan before 3.6.0, where certain LLVM versions trigger compiler-induced secret-dependent control flow in lib/utils/ghash/ghash.cpp (GHASH in AES-GCM). A branch instead of an XOR with carry was observed, notably with Clang/LLVM 15 on RISC-V. The issue can cause undefined be...

5.9CVSS7AI score0.00157EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2024/10/23 12:0 a.m.13 views

CVE-2024-50382

Botan before 3.6.0, when certain LLVM versions are used, has compiler-induced secret-dependent control flow in lib/utils/ghash/ghash.cpp in GHASH in AES-GCM. There is a branch instead of an XOR with carry. This was observed for Clang in LLVM 15 on RISC-V...

5.9CVSS5.2AI score0.00157EPSS
Exploits1
Rows per page
Query Builder