5 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-6329
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PKCS12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. Th...
AWS libcrypto 安全漏洞
AWS libcrypto is a general-purpose encryption library open sourced by Amazon Web Services. Versions of AWS libcrypto prior to 1.69.0 contained security vulnerabilities. These vulnerabilities stemmed from improper certificate verification in the PKCS7verify function. It was possible to bypass the...
The vulnerabilities of the functions EVP_DigestInit(), EVP_DigestUpdate(), or EVP_DigestFinal() in the OpenSSL cryptographic library that implements the PKCS #7 standard allow a perpetrator to cause a service failure.
The vulnerability of the EVPDigestInit, EVPDigestUpdate, or EVPDigestFinal functions in the PKCS 7 standard implementation of the OpenSSL cryptographic library is related to pointer dereferencing errors. Exploiting this vulnerability could allow an attacker to cause a service failure...
Preparing Critical Infrastructure for Post-Quantum Cryptography
CISA has released CISA Insights: Preparing Critical Infrastructure for Post-Quantum Cryptography, which outlines the actions that critical infrastructure stakeholders should take now to prepare for their future migration to the post-quantum cryptographic standard that the National Institute of...
Prepare for a New Cryptographic Standard to Protect Against Future Quantum-Based Threats
The National Institute of Standards and Technology NIST has announced that a new post-quantum cryptographic standard will replace current public-key cryptography, which is vulnerable to quantum-based attacks. Note: the term “post-quantum cryptography” is often referred to as “quantum-resistant...