Lucene search
+L

164 matches found

nvd
nvd
added 2026/07/02 5:17 p.m.12 views

CVE-2026-54891

Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tlsgenconnection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data. The...

6.3CVSS0.00135EPSS
Exploits0References5
debiancve
debiancve
added 2026/07/02 4:6 p.m.7 views

CVE-2026-54891

Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tlsgenconnection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data. The...

6.3CVSS5.8AI score0.00135EPSS
Exploits0
nvd
nvd
added 2026/07/01 8:16 a.m.8 views

CVE-2026-12576

DVP80ES3 with Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability...

7.5CVSS0.00153EPSS
Exploits0References1
euvd
euvd
added 2026/07/01 7:1 a.m.8 views

EUVD-2026-40931

DVP80ES3 with Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability...

7.5CVSS5.8AI score0.00263EPSS
Exploits0References1
cve
cve
added 2026/07/01 7:1 a.m.20 views

CVE-2026-12576

Technical details about CVE-2026-12576 are not publicly available in the provided documents. Monitor for updates from official sources for affected components, impact, and remediation information.

7.5CVSS5.8AI score0.00263EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/07/01 7:1 a.m.9 views

CVE-2026-12576 DVP80ES3 Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability

DVP80ES3 with Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability...

7.5CVSS5.8AI score0.00263EPSS
Exploits0References1
cvelist
cvelist
added 2026/07/01 7:1 a.m.35 views

CVE-2026-12576 DVP80ES3 Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability

DVP80ES3 with Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability...

7.5CVSS0.00153EPSS
Exploits0References1
redhat
redhat
added 2026/06/11 1:24 p.m.19 views

openssl: AES-OCB IV Ignored on EVP_Cipher() Path

A flaw was found in OpenSSL. Applications that use the AES-OCB encryption method with a specific one-shot interface EVPCipher will have their provided Initialization Vector IV silently discarded. This leads to the same internal cryptographic value being used repeatedly, which compromises the...

7.5CVSS5.5AI score0.0032EPSS
Exploits0References4
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Heimdal

The fix for CVE-2022-3437 involved changing the memcmp function to run in constant time, as well as providing a workaround for a compiler bug by adding comparisons of the result of memcmp with the value “!= 0”. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches and...

7.5CVSS6.8AI score0.00491EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/04/01 12:0 a.m.9 views

Corosync 输入验证错误漏洞

Corosync is an open-source cluster engine developed by The Corosync Cluster Engine. Corosync has a vulnerability in input validation, which stems from integer overflows in the message integrity verification process. This vulnerability may lead to service crashes and denial-of-service attacks...

7.5CVSS5.8AI score0.00994EPSS
Exploits1References3
vulnrichment
vulnrichment
added 2026/02/19 9:25 p.m.5 views

CVE-2026-26275 httpsig-hyper has Improper Digest Verification that May Allow Message Integrity Bypass

httpsig-hyper is a hyper extension for http message signatures. An issue was discovered in httpsig-hyper prior to version 0.0.23 where Digest header verification could incorrectly succeed due to misuse of Rust's matches! macro. Specifically, the comparison if matches!digest, expecteddigest treate...

7.5CVSS5.7AI score0.00162EPSS
Exploits0References5
osv
osv
added 2026/02/19 9:25 p.m.6 views

CVE-2026-26275 httpsig-hyper has Improper Digest Verification that May Allow Message Integrity Bypass

httpsig-hyper is a hyper extension for http message signatures. An issue was discovered in httpsig-hyper prior to version 0.0.23 where Digest header verification could incorrectly succeed due to misuse of Rust's matches! macro. Specifically, the comparison if matches!digest, expecteddigest treate...

7.5CVSS5.7AI score0.00162EPSS
Exploits0References7
github
github
added 2026/02/17 9:29 p.m.8 views

Improper Digest Verification in httpsig-hyper May Allow Message Integrity Bypass

Impact An issue was discovered in httpsig-hyper where Digest header verification could incorrectly succeed due to misuse of Rust's matches! macro. Specifically, the comparison: rust if matches!digest, expecteddigest treated expecteddigest as a pattern binding rather than a value comparison,...

7.5CVSS5.6AI score0.00162EPSS
Exploits0References7Affected Software1
nessus
nessus
added 2025/12/18 12:0 a.m.3 views

EulerOS Virtualization 2.13.0 : krb5 (EulerOS-SA-2025-2582)

According to the versions of the krb5 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesse...

5.9CVSS6.8AI score0.00308EPSS
Exploits0References2
nessus
nessus
added 2025/12/15 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: krb5 (UTSA-2025-991244)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991244 advisory. A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If...

5.9CVSS6.8AI score0.00308EPSS
Exploits0References4
nvd
nvd
added 2025/12/08 2:15 a.m.11 views

CVE-2023-53769

In the Linux kernel, the following vulnerability has been resolved: virt/coco/sev-guest: Double-buffer messages The encryption algorithms read and write directly to shared unencrypted memory, which may leak information as well as permit the host to tamper with the message integrity. Instead, copy...

0.00108EPSS
Exploits0References4
debiancve
debiancve
added 2025/12/08 1:19 a.m.3 views

CVE-2023-53769

In the Linux kernel, the following vulnerability has been resolved: virt/coco/sev-guest: Double-buffer messages The encryption algorithms read and write directly to shared unencrypted memory, which may leak information as well as permit the host to tamper with the message integrity. Instead, copy...

5.1AI score0.00108EPSS
Exploits0
nessus
nessus
added 2025/11/12 12:0 a.m.5 views

EulerOS 2.0 SP10 : krb5 (EulerOS-SA-2025-2391)

According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5...

5.9CVSS6.9AI score0.00308EPSS
Exploits0References2
cnvd
cnvd
added 2025/10/17 12:0 a.m.7 views

F5 BIG-IP TMM Data Tampering Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. A data tampering vulnerability exists in the TMM module of BIG-IP, which arises because undisclosed traffic can lead to data...

6.3CVSS7AI score0.00231EPSS
Exploits0References1
euvd
euvd
added 2025/10/15 3:30 p.m.6 views

EUVD-2025-34644

On BIG-IP systems, undisclosed traffic can cause data corruption and unauthorized data modification in protocols which do not have message integrity protection. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

6.3CVSS6.4AI score0.00231EPSS
Exploits0References2
Rows per page
Query Builder