222 matches found
Design/Logic Flaw
Issue summary: A bug has been identified in the processing of key and initialisation vector IV lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in...
CVE-2023-5363
Issue summary: A bug has been identified in the processing of key and initialisation vector IV lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in...
CVE-2023-5363 Incorrect cipher key & IV length processing
Issue summary: A bug has been identified in the processing of key and initialisation vector IV lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in...
CVE-2023-5363
Issue summary: A bug has been identified in the processing of key and initialisation vector IV lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in...
Juniper Junos OS Multiple Vulnerabilities (JSA73176)
The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA73176 advisory. - AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This...
AES OCB fails to encrypt some bytes
AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption...
SUSE CVE-2023-36660
The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption...
CVE-2023-36660
A vulnerability was found in Nettle. The issue occurs in the new Offset Code Book OCB code and may cause a denial of service or other problems, leading to memory corruption...
CVE-2023-36660
The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption...
CVE-2023-36660
The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption...
Memory corruption
The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption...
CVE-2023-36660
The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption...
CVE-2023-36660
The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption...
CVE-2023-36660
The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption...
Linux Nettle 缓冲区错误漏洞
Linux Nettle is an American open source application for Linux. Contains a cryptographic library designed to fit easily into many situations at a low level. A security vulnerability exists in Linux Nettle version 3.9 up to and including version 3.9.1, which stems from an OCB feature in libnettle...
PT-2023-25663 · Nettle · Nettle
Name of the Vulnerable Software and Affected Versions: Nettle versions 3.9 through 3.9.0 Description: The issue allows memory corruption due to a problem in the OCB feature in libnettle. Recommendations: For versions 3.9 through 3.9.0, update to version 3.9.1 or later to resolve the issue...
CVE-2023-36660
The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption...
EulerOS Virtualization 3.0.6.0 : openssl (EulerOS-SA-2023-2242)
According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the da...
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2023-2242)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Tenable Sensor Proxy < 1.0.7 Multiple Vulnerabilities (TNS-2023-15)
According to its self-reported version, the Tenable Sensor Proxy application running on the remote host is version 1.0.6. It is, therefore, affected by multiple vulnerabilities in OpenSSL prior to version 1.1.1t: - An attacker that had observed a genuine connection between a client and a server...