Lucene search
K

16 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.10 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Libgcrypt vulnerabilities (USN-8319-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8319-1 advisory. It was discovered that Libgcrypt incorrectly handled crafted ECDH ciphertext. An attacker could possibly use this issue t...

6.7CVSS5.8AI score0.0018EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2026/05/27 12:32 p.m.12 views

USN-8319-1: Libgcrypt vulnerabilities

It was discovered that Libgcrypt incorrectly handled crafted ECDH ciphertext. An attacker could possibly use this issue to cause Libgcrypt to crash, resulting in a denial of service. CVE-2026-41989 It was discovered that Libgcrypt incorrectly handled Dilithium signing. An attacker could possibly...

6.7CVSS5.8AI score0.0018EPSS
Exploits0
OSV
OSV
added 2026/05/27 12:32 p.m.9 views

USN-8319-1 libgcrypt20 vulnerabilities

It was discovered that Libgcrypt incorrectly handled crafted ECDH ciphertext. An attacker could possibly use this issue to cause Libgcrypt to crash, resulting in a denial of service. CVE-2026-41989 It was discovered that Libgcrypt incorrectly handled Dilithium signing. An attacker could possibly...

6.7CVSS5.8AI score0.0018EPSS
Exploits0References3
OSV
OSV
added 2026/05/14 2:21 a.m.9 views

JLSEC-2026-497 Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds...

Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...

4CVSS5.8AI score0.00176EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/28 11:5 a.m.6 views

CVE-2026-41990

A flaw was found in Libgcrypt. During Dilithium signing operations, the library fails to perform a bounds check when writing to a static array. While the data involved is not directly controlled by an attacker, this vulnerability could lead to memory corruption, potentially resulting in a denial ...

4CVSS4.9AI score0.00176EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/04/24 1:27 a.m.14 views

SUSE CVE-2026-41990

Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...

4CVSS5.8AI score0.00176EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/23 6:30 a.m.5 views

EUVD-2026-25193

Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...

4CVSS5.8AI score0.00176EPSS
Exploits0References4
NVD
NVD
added 2026/04/23 5:16 a.m.9 views

CVE-2026-41990

Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...

4CVSS0.00176EPSS
Exploits0References3
OSV
OSV
added 2026/04/23 5:16 a.m.3 views

UBUNTU-CVE-2026-41990

Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...

4CVSS5.8AI score0.00176EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/23 4:39 a.m.4 views

CVE-2026-41990

Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...

4CVSS5.8AI score0.00176EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/23 4:39 a.m.2 views

CVE-2026-41990

Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...

4CVSS5.8AI score0.00176EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/23 4:39 a.m.29 views

CVE-2026-41990

Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...

4CVSS0.00176EPSS
Exploits0References3
CVE
CVE
added 2026/04/23 4:39 a.m.20 views

CVE-2026-41990

CVE-2026-41990 affects Libgcrypt prior to 1.12.2, where Dilithium signing mishandles a static array write that lacks a bounds check. The issue does not use attacker-controlled data. CVSSv3.1 base metrics indicate a Medium risk (4.0) with LOCAL attack vector, HIGH complexity, NONE privileges, and ...

4CVSS5.8AI score0.00176EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/04/23 4:39 a.m.4 views

CVE-2026-41990

Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...

4CVSS5.2AI score0.00176EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/04/23 12:0 a.m.8 views

CVE-2026-41990

Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...

4CVSS5.8AI score0.00176EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-41990

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data. CVE-2026-41990 Note...

4CVSS5.8AI score0.00176EPSS
Exploits0References2
Rows per page
Query Builder