Lucene search
K

44 matches found

CVE
CVE
added 4 days ago6 views

CVE-2026-54736

Technical details (affected versions, root cause specifics, and remediation beyond what is in the Initial Description) are not publicly available in the provided documents; monitor for updates.

8.2CVSS6.1AI score0.00147EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of error handling in the rxgxkextracttoken function. When rxgxkdecryptskb returns -ENOME...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/25 4:30 p.m.4 views

CVE-2026-6986

A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This issue affects the function mgaesgcmdecrypt of the file /src/tlsaes128.c of the component GCM Authentication Tag Handler. Such manipulation leads to improper verification of cryptographic signature. The attack may be...

6.3CVSS4.1AI score0.00217EPSS
Exploits1References5Affected Software1
Redos
Redos
added 2026/04/20 12:0 a.m.22 views

ROS-20260420-73-0009

A vulnerability in the PKCS12itemdecryptd2iex function of the OpenSSL library is related to pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7.1AI score0.00844EPSS
Exploits1
Snyk
Snyk
added 2026/04/10 12:11 a.m.18 views

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow in the wcPKCS7DecryptOri function when processing a CMS EnvelopedData message containing an OtherRecipientInfo recipient. An attacker can execute arbitrary code or cause a crash by sending a crafted message...

8CVSS6.2AI score0.00175EPSS
Exploits0References2
OSV
OSV
added 2026/04/07 10:16 p.m.7 views

ALPINE-CVE-2026-28389

Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denial of...

7.5CVSS5.9AI score0.00805EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/23 3:2 a.m.7 views

CVE-2026-2968

A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function mgchacha20poly1305decrypt of the file /src/tlschacha20.c of the component Poly1305 Authentication Tag Handler. The manipulation results in improper verification of cryptographic signature. The attack may be...

6.3CVSS4.5AI score0.00218EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2026/02/11 10:12 a.m.10 views

CLSA-2026-1770804736 Fix CVE(s): CVE-2025-69421

SECURITY UPDATE: A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS12 files - debian/patches/CVE-2025-69421.patch: fix NULL pointer dereference in PKCS12itemdecryptd2i by adding NULL check for oct parameter - CVE-2025-69421...

7.5CVSS7.1AI score0.00844EPSS
Exploits1References1
OSV
OSV
added 2026/02/10 9:58 a.m.7 views

CLSA-2026-1770717529 Fix CVE(s): CVE-2025-69421

SECURITY UPDATE: check oct argument for NULL in PKCS12itemdecryptd2ie - debian/patches/CVE-2025-69421.patch: fix a NULL pointer dereference in the PKCS12itemdecryptd2iex function. - CVE-2025-69421...

7.5CVSS7.2AI score0.00844EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/01/27 4:1 p.m.6 views

CVE-2025-69421

Issue summary: Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12itemdecryptd2iex function. Impact summary: A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS12 files. The PKCS12itemdecryptd2iex...

6.2AI score0.00844EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2026/01/26 10:4 a.m.12 views

CVE-2025-59095

CVE-2025-59095 affects dormakaba Kaba exos 9300 software. Public descriptions in multiple sources indicate that DLLs/binaries (notably Kaba.EXOS.common.dll) use a hard-coded, static cryptoKey with a simple XOR-based encrypt/decrypt routine to process user PINs before storing them in MSSQL. The ro...

6.8CVSS5.9AI score0.00104EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/10 5:17 a.m.6 views

CVE-2026-22700 RustCrypto Has Insufficient Length Validation in decrypt() in SM2-PKE

RustCrypto: Elliptic Curves is general purpose Elliptic Curve Cryptography ECC support, including types and traits for representing various elliptic curve forms, scalars, points, and public/secret keys composed thereof. In versions 0.14.0-pre.0 and 0.14.0-rc.0, a denial-of-service vulnerability...

7.5CVSS6.5AI score0.00279EPSS
Exploits1References3
NVD
NVD
added 2025/11/21 11:15 p.m.12 views

CVE-2025-11931

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wcXChaCha20Poly1305Decrypt which is not used with TLS connections, only from direct calls from an application...

8.2CVSS0.00303EPSS
Exploits0References1
OSV
OSV
added 2025/11/21 11:15 p.m.13 views

UBUNTU-CVE-2025-11931

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wcXChaCha20Poly1305Decrypt which is not used with TLS connections, only from direct calls from an application...

8.2CVSS5.8AI score0.00303EPSS
Exploits0References3
CVE
CVE
added 2025/11/21 10:57 p.m.576 views

CVE-2025-11931

The set of connected documents confirms this CVE affects wolfSSL’s XChaCha20-Poly1305 code, specifically the wc_XChaCha20Poly1305_Decrypt() function. The root cause is an integer underflow that can lead to out-of-bounds access when decrypting, and this path is taken from direct application calls ...

8.2CVSS6.4AI score0.00303EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/11/21 10:57 p.m.17 views

CVE-2025-11931 Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wcXChaCha20Poly1305Decrypt which is not used with TLS connections, only from direct calls from an application...

2.1CVSS0.00303EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/21 10:57 p.m.7 views

EUVD-2025-198522

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wcXChaCha20Poly1305Decrypt which is not used with TLS connections, only from direct calls from an application...

2.1CVSS6.3AI score0.00303EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/21 10:57 p.m.2 views

CVE-2025-11931 Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wcXChaCha20Poly1305Decrypt which is not used with TLS connections, only from direct calls from an application...

2.1CVSS6.4AI score0.00303EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-7450

Malware in sbrugna...

8.1CVSS8AI score0.09675EPSS
Exploits5References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-1600

Malware in sbrugna...

7.5CVSS6.4AI score0.03477EPSS
Exploits0References8
Rows per page
Query Builder