5770 matches found
CVE-2026-32877 Botan: Heap Buffer Over-read in SM2 Decryption via Undersized C3 Hash Field
Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...
EUVD-2026-17210
Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...
CVE-2026-32877
Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...
CVE-2026-32877
Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...
CVE-2026-32877 Botan: Heap Buffer Over-read in SM2 Decryption via Undersized C3 Hash Field
Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...
CVE-2026-32877
Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...
SUSE-SU-2026:20983-1 Security update for postgresql16
This update for postgresql16 fixes the following issues: - Update to versio 16.13. bsc1258754 - CVE-2026-2003: Guard against unexpected dimensions of oidvector/int2vector bsc1258008 - CVE-2026-2004: Harden selectivity estimators against being attached to operators that accept unexpected data type...
Botan 缓冲区错误漏洞
Botan is a C++ encryption library developed by Jack Lloyd as an individual project. Versions of Botan from 2.3.0 to 3.11.0 contained a buffer error vulnerability. This vulnerability stemmed from the failure to check the expected length of the authentication code value during the SM2 decryption...
PT-2026-29124
Name of the Vulnerable Software and Affected Versions Botan versions 2.3.0 through 3.10.9 Description Botan is a C++ cryptography library. During SM2 decryption, the code that checks the authentication code value C3 does not verify the encoded value's length before comparison. This can lead to a...
NewStart CGSL MAIN 7.02 : tongsuo Vulnerability (NS-SA-2026-0039)
The remote NewStart CGSL host, running version MAIN 7.02, has tongsuo packages installed that are affected by a vulnerability: - Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This...
NewStart CGSL MAIN 7.02 : openssl Vulnerability (NS-SA-2026-0038)
The remote NewStart CGSL host, running version MAIN 7.02, has openssl packages installed that are affected by a vulnerability: - Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This...
CVE-2021-27328
Yeastar NeoGate TG400 91.3.0.3 devices are affected by Directory Traversal. An authenticated user can decrypt firmware and can read sensitive information, such as a password or decryption key...
PT-2026-36450
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the authencesn component of the crypto subsystem during out-of-place decryption where source and destination are different. The system unnecessarily saves high-order...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : CryptX vulnerabilities (USN-8128-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8128-1 advisory. It was discovered that CryptX did not verify authentication tags while performing GCM and ChaCha20-Poly1305 decryptio...
OpenClaw: Nostr inbound DMs could trigger unauthenticated crypto work before sender policy enforcement
Summary Nostr inbound DM handling could perform crypto and dispatch work before sender and pairing policy enforcement, enabling unauthorized pre-auth computation. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.22 - Latest released tag checked: v2026.3.23-2...
GHSA-65H8-27JH-Q8WV OpenClaw: Nostr inbound DMs could trigger unauthenticated crypto work before sender policy enforcement
Summary Nostr inbound DM handling could perform crypto and dispatch work before sender and pairing policy enforcement, enabling unauthorized pre-auth computation. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.22 - Latest released tag checked: v2026.3.23-2...
CVE-2026-32313
xmlseclibs is a library written in PHP for working with XML Encryption and Signatures. Prior to 3.1.5, XML nodes encrypted with either aes-128-gcm, aes-192-gcm, or aes-256-gcm lack validation of the authentication tag length. An attacker can use this to brute-force an authentication tag, recover...
CVE-2026-32614
Go ShangMi Commercial Cryptography Library GMSM is a cryptographic library that covers the Chinese commercial cryptographic public algorithms SM2/SM3/SM4/SM9/ZUC. Prior to 0.41.1, the current SM9 decryption implementation contains an infinity-point ciphertext forgery vulnerability. The root cause...
Inadequate Encryption Strength
github.com/cloudflare/gokey is vulnerable to Inadequate Encryption Strength. The vulnerability is due to flawed seed decryption logic that uses only limited entropy from the initialization vector and authentication tag, which allows an attacker with access to the seed file to derive generated...
CVE-2025-64647
IBM Concert 1.0.0 through 2.2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...