265 matches found
CLSA-2025-1739812201 Fix CVE(s): CVE-2024-3596
SECURITY UPDATE: Generate and verify message MACs in libkrad - debian/patches/CVE-2024-3596.patch: implement support for Message-Authenticator in libkrad - CVE-2024-3596 debian/control: add package Recommends to krb5-doc...
PT-2025-36296
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where MAC comparisons were not performed in constant time, potentially allowing timing attacks. The fix involves using an appropriate helper function t...
openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC
A flaw was found in in the POLY1305 MAC message authentication code implementation in OpenSSL, affecting applications running on PowerPC CPU-based platforms that utilize vector instructions, and has the potential to corrupt the internal state of these applications. If an attacker can manipulate t...
The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms
OpenSSL contains an issue in the POLY1305 MAC message authentication code implementation that might result in a corrupted internal application state. This flaw is only exploitable on PowerPC CPU based platforms if the CPU provides vector instructions PowerISA 2.07. The impact of the corrupted...
Malleability attack against executables encrypted by CBC mode with no integrity check
Overview Researchers at NTT, University of Hyogo, and NEC have identified a security issue that leads to executing arbitrary code in executable files that are encrypted by CBC mode with no integrity check. This issue has been published in ACNS 2020 . There is a risk that an encrypted executable...
ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...
PT-2024-40808 · Git +1 · Openssl
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a null-dereference read crash. Technical details about the crash include the functions evp mac final, kbkdf derive, and do evp kd...
CVE-2024-39559
An Improper Check for Unusual or Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS Evolved may allow a network-based unauthenticated attacker to crash the device vmcore by sending a specific TCP packet over an established TCP session with MD5 authentication...
booth: specially crafted hash can lead to invalid HMAC being accepted by Booth server
A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcrymdgetalgodlen, it may allow an invalid HMAC to be accepted by the Booth server...
CVE-2023-6323
ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker to impersonate an authoritative server...
D-Link DAP-2622 安全漏洞
The D-Link DAP-2622 is a wireless access point Access Point device from China's AUO D-Link. A security vulnerability exists in the D-Link DAP-2622 that stems from a stack-based buffer overflow remote code execution vulnerability in the DDP Set Wireless Message Authentication Password...
CVE-2024-29969
When a Brocade SANnav installation is upgraded from Brocade SANnav v2.2.2 to Brocade SANnav 2.3.0, TLS/SSL weak message authentication code ciphers are added by default for port 18082...
ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...
ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...
BIT-TYPO3-2020-15099
In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.20, and greater than or equal to 10.0.0 and less than 10.4.6, in a case where an attacker manages to generate a valid cryptographic message authentication code HMAC-SHA1 - either by using a different existing vulnerability or in case t...
ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...
ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...
ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...
CVE-2024-23816
A vulnerability has been identified in Location Intelligence Perpetual Large 9DE5110-8CA13-1AX0 All versions V4.3, Location Intelligence Perpetual Medium 9DE5110-8CA12-1AX0 All versions V4.3, Location Intelligence Perpetual Non-Prod 9DE5110-8CA10-1AX0 All versions V4.3, Location Intelligence...
CVE-2024-23816
CVE-2024-23816 affects Siemens Location Intelligence products (Perpetual Large/Medium/Non-Prod/Small and SUS Large/Medium/Non-Prod/Small). Root cause: use of a hard-coded secret for Keyed-Hash Message Authentication Code computation, enabling an unauthenticated remote attacker to gain full admini...