Lucene search
+L

259 matches found

redhatcve
redhatcve
added 2025/05/16 7:8 p.m.20 views

CVE-2025-0136

Using the AES-128-CCM algorithm for IPSec on certain Palo Alto Networks PAN-OS® firewalls PA-7500, PA-5400, PA-5400f, PA-3400, PA-1600, PA-1400, and PA-400 Series leads to unencrypted data transfer to devices that are connected to the PAN-OS firewall through IPSec. This issue does not affect Clou...

5.3CVSS7AI score0.00129EPSS
Exploits0References3
nvd
nvd
added 2025/05/14 7:15 p.m.26 views

CVE-2025-0136

Using the AES-128-CCM algorithm for IPSec on certain Palo Alto Networks PAN-OS® firewalls PA-7500, PA-5400, PA-5400f, PA-3400, PA-1600, PA-1400, and PA-400 Series leads to unencrypted data transfer to devices that are connected to the PAN-OS firewall through IPSec. This issue does not affect Clou...

5.3CVSS0.00129EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/05/14 6:12 p.m.30 views

CVE-2025-0136 PAN-OS: Unencrypted Data Transfer when using AES-128-CCM on Intel-based hardware devices

Using the AES-128-CCM algorithm for IPSec on certain Palo Alto Networks PAN-OS® firewalls PA-7500, PA-5400, PA-5400f, PA-3400, PA-1600, PA-1400, and PA-400 Series leads to unencrypted data transfer to devices that are connected to the PAN-OS firewall through IPSec. This issue does not affect Clou...

5.3CVSS7.3AI score0.00129EPSS
Exploits0References1
cvelist
cvelist
added 2025/05/14 6:12 p.m.37 views

CVE-2025-0136 PAN-OS: Unencrypted Data Transfer when using AES-128-CCM on Intel-based hardware devices

Using the AES-128-CCM algorithm for IPSec on certain Palo Alto Networks PAN-OS® firewalls PA-7500, PA-5400, PA-5400f, PA-3400, PA-1600, PA-1400, and PA-400 Series leads to unencrypted data transfer to devices that are connected to the PAN-OS firewall through IPSec. This issue does not affect Clou...

5.3CVSS0.00129EPSS
Exploits0References1
cve
cve
added 2025/05/14 6:12 p.m.52 views

CVE-2025-0136

CVE-2025-0136 affects PAN-OS on Intel-based Palo Alto Networks firewalls (PA-7500, PA-5400/5400f, PA-3400, PA-1600, PA-1400, PA-400). The issue arises from using AES-128-CCM for IPSec, which leads to unencrypted data transfer between devices connected to the PAN-OS firewall through IPSec. Affecte...

5.3CVSS6.7AI score0.00129EPSS
Exploits0References1
nessus
nessus
added 2025/05/14 12:0 a.m.9 views

Palo Alto Networks PAN-OS 10.1.x < 10.1.14-h14 / 10.2.x < 10.2.11 / 11.0.x < 11.0.7 / 11.1.x < 11.1.5 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 10.1.x prior to 10.1.14-h14, 10.2.x prior to 10.2.11, 11.0.x prior to 11.0.7, or 11.1.x prior to 11.1.5. It is, therefore, affected by a vulnerability. Using the AES-128-CCM algorithm for IPSec on certain Palo Alto Networks...

5.3CVSS5.5AI score0.00129EPSS
Exploits0References2
nvd
nvd
added 2025/02/26 7:0 a.m.12 views

CVE-2022-49094

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix slab-out-of-bounds bug in decryptinternal The memory size of tlsctx-rx.iv for AES128-CCM is 12 setting in tlssetswoffload. The return value of cryptoaeadivsize for "ccmaes" is 16. So memcpy require 16 bytes from 12...

7.1CVSS0.00238EPSS
Exploits0References6
osv
osv
added 2025/02/26 7:0 a.m.1 views

DEBIAN-CVE-2022-49094

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix slab-out-of-bounds bug in decryptinternal The memory size of tlsctx-rx.iv for AES128-CCM is 12 setting in tlssetswoffload. The return value of cryptoaeadivsize for "ccmaes" is 16. So memcpy require 16 bytes from 12...

7.1CVSS5.5AI score0.00238EPSS
Exploits0References1
osv
osv
added 2025/02/26 7:0 a.m.3 views

UBUNTU-CVE-2022-49094

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix slab-out-of-bounds bug in decryptinternal The memory size of tlsctx-rx.iv for AES128-CCM is 12 setting in tlssetswoffload. The return value of cryptoaeadivsize for "ccmaes" is 16. So memcpy require 16 bytes from 12...

7.1CVSS6AI score0.00238EPSS
Exploits0References9
cvelist
cvelist
added 2025/02/26 1:54 a.m.14 views

CVE-2022-49094 net/tls: fix slab-out-of-bounds bug in decrypt_internal

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix slab-out-of-bounds bug in decryptinternal The memory size of tlsctx-rx.iv for AES128-CCM is 12 setting in tlssetswoffload. The return value of cryptoaeadivsize for "ccmaes" is 16. So memcpy require 16 bytes from 12...

0.00238EPSS
Exploits0References6
cve
cve
added 2025/02/26 1:54 a.m.90 views

CVE-2022-49094

CVE-2022-49094 details a Linux kernel TLS slab-out-of-bounds condition in decrypt_internal caused by an IV size mismatch for AES128-CCM when TLS offload uses a 12-byte tls_ctx-&gt;rx.iv while crypto_aead_ivsize() reports 16 bytes. The issue manifests during memcpy() from a 12-byte space, leading ...

7.1CVSS5.4AI score0.00238EPSS
Exploits0References6Affected Software1
debiancve
debiancve
added 2025/02/26 1:54 a.m.13 views

CVE-2022-49094

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix slab-out-of-bounds bug in decryptinternal The memory size of tlsctx-rx.iv for AES128-CCM is 12 setting in tlssetswoffload. The return value of cryptoaeadivsize for "ccmaes" is 16. So memcpy require 16 bytes from 12...

7.1CVSS5.5AI score0.00238EPSS
Exploits0
cnnvd
cnnvd
added 2025/02/26 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improperly set tlsctx-rx.iv memory size for AES128-CCM in the decryptinternal function, which results in ...

7.1CVSS5.6AI score0.00238EPSS
Exploits0References7
redhatcve
redhatcve
added 2025/02/06 1:44 a.m.15 views

CVE-2022-43517

A vulnerability has been identified in Simcenter STAR-CCM+ All versions V2306. The affected application improperly assigns file permissions to installation folders. This could allow a local attacker with an unprivileged account to override or modify the service executables and subsequently gain...

7.8CVSS6.6AI score0.00206EPSS
Exploits0References1
osv
osv
added 2025/01/14 7:23 p.m.18 views

BIT-PHP-MIN-2020-7069 Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with opensslencrypt function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data...

6.5CVSS6.8AI score0.02055EPSS
Exploits0References14
nvd
nvd
added 2024/12/27 2:15 p.m.12 views

CVE-2024-53185

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix NULL ptr deref in cryptoaeadsetkey Neither SMB3.0 or SMB3.02 supports encryption negotiate context, so when SMB2GLOBALCAPENCRYPTION flag is set in the negotiate response, the client uses AES-128-CCM as the defaul...

7.8CVSS0.00171EPSS
Exploits0References7
cve
cve
added 2024/12/27 1:49 p.m.137 views

CVE-2024-53185

CVE-2024-53185 : In the Linux kernel, the SMB client could dereference a NULL pointer in crypto_aead_setkey() when negotiating encryption over SMB2/SMB3, due to @server-&gt;cipher_type not being set for SMB3.02. The fix adds a check to smb3_crypto_aead_allocate() and ensures cipher_type is set fo...

7.8CVSS6.3AI score0.00171EPSS
Exploits0References7Affected Software1
cvelist
cvelist
added 2024/12/27 1:49 p.m.22 views

CVE-2024-53185 smb: client: fix NULL ptr deref in crypto_aead_setkey()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix NULL ptr deref in cryptoaeadsetkey Neither SMB3.0 or SMB3.02 supports encryption negotiate context, so when SMB2GLOBALCAPENCRYPTION flag is set in the negotiate response, the client uses AES-128-CCM as the defaul...

0.00171EPSS
Exploits0References7
nessus
nessus
added 2024/06/03 12:0 a.m.34 views

RHEL 8 : 7.3_php (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - php: Overflowing the length of string causes crash CVE-2017-8923 - In PHP versions 7.2.x below 7.2.34,...

9.8CVSS7.5AI score0.07191EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2024/03/17 12:0 a.m.4 views

PT-2024-8353 · Unknown · Mipc Camera

Name of the Vulnerable Software and Affected Versions: MIPC Camera firmware versions prior to 5.4.1.240424171021 Description: The issue is related to an OS command injection vulnerability in the ccm debug component. This vulnerability can be exploited by sending a crafted HTTP request, allowing a...

8.8CVSS8.5AI score0.01707EPSS
Exploits0References15
Rows per page
Query Builder