14 matches found
CVE-2026-57062
CMS (Cryptographic Message Syntax) parsing in gpgsm in GnuPG through 2.5.20 mishandles the CMS format for AES-GCM because aes-ICVlen is supposed to be 12 bytes but 4 bytes is accepted. NOTE: this is related to CVE-2026-34182...
EUVD-2026-38550
CMS (Cryptographic Message Syntax) parsing in gpgsm in GnuPG through 2.5.20 mishandles the CMS format for AES-GCM because aes-ICVlen is supposed to be 12 bytes but 4 bytes is accepted. NOTE: this is related to CVE-2026-34182...
CVE-2026-57062
CVE-2026-57062: The CMS parsing in GnuPG’s gpgsm (up to version 2.5.20) mishandles AES-GCM when processing CMS structures, accepting an aes-ICVlen of 4 bytes instead of the required 12. This is a component/format handling flaw in GnuPG’s CMS implementation. The CVE record cites a related issue (C...
CVE-2026-46193
In the Linux kernel, the following vulnerability has been resolved: xfrm: ah: account for ESN high bits in async callbacks. AH allocates its temporary auth/ICV layout differently when ESN is enabled: the async ahash setup appends a 4-byte seqhi slot before the ICV or authdata area, but the async...
EUVD-2026-32820
In the Linux kernel, the following vulnerability has been resolved: xfrm: ah: account for ESN high bits in async callbacks. AH allocates its temporary auth/ICV layout differently when ESN is enabled: the async ahash setup appends a 4-byte seqhi slot before the ICV or authdata area, but the async...
CVE-2026-46193
CVE-2026-46193 concerns a Linux kernel xfrm AH implementation issue where ESN high bits are not accounted for in async callback paths, causing miscalculation of ICV/auth offsets on IPv4/IPv6 when ESN is enabled and async hmac is used. The vulnerability arises from reconstructing the temporar...
CVE-2026-46193 xfrm: ah: account for ESN high bits in async callbacks
In the Linux kernel, the following vulnerability has been resolved: xfrm: ah: account for ESN high bits in async callbacks. AH allocates its temporary auth/ICV layout differently when ESN is enabled: the async ahash setup appends a 4-byte seqhi slot before the ICV or authdata area, but the async...
icv-addtravel.dk Cross Site Scripting vulnerability OBB-2368787
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
PT-2016-5160 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions 5.x through 6.x Description: The AES-GCM specification in RFC 5084 recommends 12 octets for the aes-ICVlen parameter field, which might make it easier for attackers to defeat a cryptographic protection mechanism and discover ...
CVE-2015-4550
The Cavium cryptographic-module firmware on Cisco Adaptive Security Appliance (ASA) devices with software 9.3(3) and 9.4(1.1) does not verify the AES-GCM Integrity Check Value (ICV) octets, which makes it easier for man-in-the-middle attackers to spoof IPSec and IKEv2 traffic by modifying packet data, ak...
CVE-2015-4550
CVE-2015-4550 affects Cisco ASA devices running ASA software 9.3(3) and 9.4(1.1), where the Cavium cryptographic-module firmware fails to verify AES-GCM ICV octets. This enables a remote attacker to perform a man-in-the-middle modification of IPSec/IKEv2 traffic without detection, effectively spo...
Cisco ASA ICV Checksum IPSec/IKEv2 Message Content Modification Vulnerability
The Cisco Adaptive Security Appliance is an adaptive security appliance that provides modules for security and VPN services. A security vulnerability exists in the Cisco Adaptive Security Appliance due to the AES-GCM code of the Cavium Networks cryptographic module component of the program failin...
PT-2015-1409 · Cavium +1 · Cavium Cryptographic-Module +1
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance (ASA) versions 9.3(3) through 9.4(1.1) Description: The issue is related to errors in cryptographic transformations in the Cisco ASA cryptographic module. This could allow a remote attacker to gain access to traffi...
RHEL 6 : kernel (RHSA-2014:1843)
The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1843 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. A race condition flaw was found in the way the Linux...