1009 matches found

Vulnrichment
added 2026/04/23 4:30 a.m., 7 views

CVE-2026-41989

Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt...

CVSS: 6.7, AI score: 6, EPSS: 0.0018
Exploits: 0, References: 3

ATTACKERKB
added 2026/04/23 4:30 a.m., 2 views

CVE-2026-41989

Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt...

CVSS: 6.7, AI score: 6, EPSS: 0.0018
Exploits: 0, References: 4, Affected Software: 1

Cvelist
added 2026/04/23 4:30 a.m., 36 views

CVE-2026-41989

Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt...

CVSS: 6.7, EPSS: 0.0018
Exploits: 0, References: 3

Debian CVE
added 2026/04/23 4:30 a.m., 3 views

CVE-2026-41989

Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt...

CVSS: 6.7, AI score: 5.6, EPSS: 0.0018
Exploits: 0

AlpineLinux
added 2026/04/23 4:30 a.m., 1 views

CVE-2026-41989

Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt...

CVSS: 6.7, AI score: 5.6, EPSS: 0.0018
Exploits: 0, References: 3

CVE
added 2026/04/23 4:30 a.m., 83 views

CVE-2026-41989

Libgcrypt before 1.12.2 is affected by CVE-2026-41989, where a heap-based buffer overflow can occur via crafted ECDH ciphertext to gcry_pk_decrypt, enabling denial of service. Vulnerable component: Libgcrypt crypto library (ECDH/decrypt path). Impact: DoS (potential crash) as described. Mitigatio...

CVSS: 6.7, AI score: 6, EPSS: 0.0018
Exploits: 0, References: 3, Affected Software: 1

CNNVD
added 2026/04/23 12:0 a.m., 9 views

Libgcrypt Buffer Error Vulnerability

Libgcrypt is a general-purpose encryption library based on GnuPG code from the American GNU community. This library implements various encryption algorithms, including symmetric ciphers, hash algorithms, public key algorithms, etc. Versions of Libgcrypt prior to 1.12.2 contained a buffer error...

CVSS: 6.7, AI score: 6.1, EPSS: 0.0018
Exploits: 0, References: 1

CNNVD
added 2026/04/23 12:0 a.m., 9 views

Libgcrypt Buffer Error Vulnerability

Libgcrypt is a general-purpose encryption library based on GnuPG code from the American GNU community. This library implements various encryption algorithms, including symmetric ciphers, hash algorithms, public key algorithms, etc. Versions of Libgcrypt prior to 1.12.2 contained a buffer error...

CVSS: 4, AI score: 6, EPSS: 0.00176
Exploits: 0, References: 1

UbuntuCve
added 2026/04/23 12:0 a.m., 3 views

CVE-2026-41989

Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt...

CVSS: 6.7, AI score: 6, EPSS: 0.0018
Exploits: 0, References: 3

Positive Technologies
added 2026/04/23 12:0 a.m., 1 views

PT-2026-34640

Name of the Vulnerable Software and Affected Versions: Libgcrypt versions prior to 1.12.2. Description: A heap-based buffer overflow and denial of service can occur when processing crafted ECDH ciphertext through the gcry_pk_decrypt function. Recommendations: Update to version 1.12.2 or later...

CVSS: 6.7, AI score: 6, EPSS: 0.0018
Exploits: 0, References: 27

Positive Technologies
added 2026/04/23 12:0 a.m., 6 views

PT-2026-34641

Name of the Vulnerable Software and Affected Versions: Libgcrypt versions prior to 1.12.2. Description: Libgcrypt mishandles Dilithium signing. Specifically, writes to a static array lack a bounds check, although these writes do not use attacker-controlled data. Recommendations: Update to version...

CVSS: 4, AI score: 5.8, EPSS: 0.00176
Exploits: 0, References: 18

UbuntuCve
added 2026/04/23 12:0 a.m., 5 views

CVE-2026-41990

Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...

CVSS: 4, AI score: 5.8, EPSS: 0.00176
Exploits: 0, References: 3

Tenable Nessus
added 2026/04/23 12:0 a.m., 10 views

Linux Distros Unpatched Vulnerability : CVE-2026-41989

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt. CVE-2026-41989 Note th...

CVSS: 6.7, AI score: 5.8, EPSS: 0.0018
Exploits: 0, References: 3

Tenable Nessus
added 2026/04/23 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2026-41990

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data. CVE-2026-41990 Note...

CVSS: 4, AI score: 5.8, EPSS: 0.00176
Exploits: 0, References: 2

Tenable Nessus
added 2026/04/22 12:0 a.m., 8 views

SUSE SLES16 : Feature update for libgcrypt, libgpg-error (SUSE-SU-SUSE-FU-2026:21213-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-SUSE-FU-2026:21213-1 advisory. Update libgcrypt to 1.12.1 jscPED-15059: New and extended interfaces: - Allow access to the FIPS service indicator via the new...

CVSS: 5.9, AI score: 6.7, EPSS: 0.01114
Exploits: 0, References: 3

Tenable Nessus
added 2026/04/22 12:0 a.m., 4 views

openSUSE 16 : Feature update for libgcrypt, libgpg-error (SUSE-SU-openSUSE-FU-2026:20562-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-openSUSE-FU-2026:20562-1 advisory. Update libgcrypt to 1.12.1 jscPED-15059: New and extended interfaces: - Allow access to the FIPS service indicator via the new...

CVSS: 5.9, AI score: 6.7, EPSS: 0.01114
Exploits: 0, References: 2

OSV
added 2026/04/17 1:7 p.m., 4 views

JLSEC-2026-123

Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP...

CVSS: 7.5, AI score: 5.7, EPSS: 0.02342
Exploits: 0, References: 24

OSV
added 2026/04/17 1:7 p.m., 3 views

JLSEC-2026-124

The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's...

CVSS: 5.9, AI score: 7.2, EPSS: 0.01323
Exploits: 1, References: 10

OSV
added 2026/04/17 10:37 a.m., 4 views

OPENSUSE-FU-2026:20562-1 Feature update for libgcrypt, libgpg-error

This update for libgcrypt, libgpg-error fixes the following issues: Update libgcrypt to 1.12.1 jscPED-15059: New and extended interfaces: - Allow access to the FIPS service indicator via the new GCRYCTL_FIPS_SERVICE_INDICATOR control code. - Make SHA-1 non-FIPS internally for the 1.12 API - Add...

CVSS: 5.9, AI score: 5.9, EPSS: 0.01114
Exploits: 0, References: 1

OSV
added 2026/04/17 10:34 a.m., 2 views

SUSE-FU-2026:21232-1 Feature update for libgcrypt, libgpg-error

This update for libgcrypt, libgpg-error fixes the following issues: Update libgcrypt to 1.12.1 jscPED-15059: New and extended interfaces: - Allow access to the FIPS service indicator via the new GCRYCTL_FIPS_SERVICE_INDICATOR control code. - Make SHA-1 non-FIPS internally for the 1.12 API - Add...

CVSS: 5.9, AI score: 6.7, EPSS: 0.01114
Exploits: 0, References: 2