Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.114 views

Linux Distros Unpatched Vulnerability : CVE-2026-34182

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue Summary: Cryptographic Message Services CMS processing fails to perform sufficient input validation on the cipher and tag length fields of AuthEnvelopedDa...

9.1CVSS5.5AI score0.00237EPSS
Exploits0References3
NVD
NVD
added 2026/06/09 5:17 p.m.27 views

CVE-2026-34182

Issue Summary: Cryptographic Message Services CMS processing fails to perform sufficient input validation on the cipher and tag length fields of AuthEnvelopedData containers, leading to various potential compromises. Impact Summary: Attackers making use of these vulnerabilities may achieve...

9.1CVSS0.00237EPSS
Exploits0References6
OSV
OSV
added 2026/06/09 5:17 p.m.6 views

ALPINE-CVE-2026-34182

Issue Summary: Cryptographic Message Services CMS processing fails to perform sufficient input validation on the cipher and tag length fields of AuthEnvelopedData containers, leading to various potential compromises. Impact Summary: Attackers making use of these vulnerabilities may achieve...

9.1CVSS5.4AI score0.00237EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 4:3 p.m.222 views

CVE-2026-34182

CVE-2026-34182 describes a vulnerability in CMS AuthEnvelopedData processing in OpenSSL where insufficient input validation on cipher and tag length can allow forged or manipulated messages. Attack scenarios include selecting non-AEAD ciphers (e.g., AES-256-OFB) that bypasses integrity checks and...

9.1CVSS5.5AI score0.00237EPSS
Exploits0References6Affected Software1
RedHat Linux
RedHat Linux
added 2026/01/28 10:8 a.m.3 views

openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax CMS message with an oversized Initialization Vector IV when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated...

8.8CVSS6.3AI score0.45854EPSS
Exploits7References4
Rows per page
Query Builder