164 matches found
CVE-2026-54891
Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tlsgenconnection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data. The...
CVE-2026-54891
Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tlsgenconnection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data. The...
CVE-2026-12576
DVP80ES3 with Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability...
EUVD-2026-40931
DVP80ES3 with Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability...
CVE-2026-12576
Technical details about CVE-2026-12576 are not publicly available in the provided documents. Monitor for updates from official sources for affected components, impact, and remediation information.
CVE-2026-12576 DVP80ES3 Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability
DVP80ES3 with Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability...
CVE-2026-12576 DVP80ES3 Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability
DVP80ES3 with Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability...
openssl: AES-OCB IV Ignored on EVP_Cipher() Path
A flaw was found in OpenSSL. Applications that use the AES-OCB encryption method with a specific one-shot interface EVPCipher will have their provided Initialization Vector IV silently discarded. This leads to the same internal cryptographic value being used repeatedly, which compromises the...
Astra Linux – Vulnerability in Heimdal
The fix for CVE-2022-3437 involved changing the memcmp function to run in constant time, as well as providing a workaround for a compiler bug by adding comparisons of the result of memcmp with the value “!= 0”. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches and...
Corosync 输入验证错误漏洞
Corosync is an open-source cluster engine developed by The Corosync Cluster Engine. Corosync has a vulnerability in input validation, which stems from integer overflows in the message integrity verification process. This vulnerability may lead to service crashes and denial-of-service attacks...
CVE-2026-26275 httpsig-hyper has Improper Digest Verification that May Allow Message Integrity Bypass
httpsig-hyper is a hyper extension for http message signatures. An issue was discovered in httpsig-hyper prior to version 0.0.23 where Digest header verification could incorrectly succeed due to misuse of Rust's matches! macro. Specifically, the comparison if matches!digest, expecteddigest treate...
CVE-2026-26275 httpsig-hyper has Improper Digest Verification that May Allow Message Integrity Bypass
httpsig-hyper is a hyper extension for http message signatures. An issue was discovered in httpsig-hyper prior to version 0.0.23 where Digest header verification could incorrectly succeed due to misuse of Rust's matches! macro. Specifically, the comparison if matches!digest, expecteddigest treate...
Improper Digest Verification in httpsig-hyper May Allow Message Integrity Bypass
Impact An issue was discovered in httpsig-hyper where Digest header verification could incorrectly succeed due to misuse of Rust's matches! macro. Specifically, the comparison: rust if matches!digest, expecteddigest treated expecteddigest as a pattern binding rather than a value comparison,...
EulerOS Virtualization 2.13.0 : krb5 (EulerOS-SA-2025-2582)
According to the versions of the krb5 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesse...
Unity Linux 20.1070e Security Update: krb5 (UTSA-2025-991244)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991244 advisory. A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If...
CVE-2023-53769
In the Linux kernel, the following vulnerability has been resolved: virt/coco/sev-guest: Double-buffer messages The encryption algorithms read and write directly to shared unencrypted memory, which may leak information as well as permit the host to tamper with the message integrity. Instead, copy...
CVE-2023-53769
In the Linux kernel, the following vulnerability has been resolved: virt/coco/sev-guest: Double-buffer messages The encryption algorithms read and write directly to shared unencrypted memory, which may leak information as well as permit the host to tamper with the message integrity. Instead, copy...
EulerOS 2.0 SP10 : krb5 (EulerOS-SA-2025-2391)
According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5...
F5 BIG-IP TMM Data Tampering Vulnerability
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. A data tampering vulnerability exists in the TMM module of BIG-IP, which arises because undisclosed traffic can lead to data...
EUVD-2025-34644
On BIG-IP systems, undisclosed traffic can cause data corruption and unauthorized data modification in protocols which do not have message integrity protection. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...