Lucene search
+L

222 matches found

Prion
Prion
added 2023/10/25 6:17 p.m.84 views

Design/Logic Flaw

Issue summary: A bug has been identified in the processing of key and initialisation vector IV lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in...

5CVSS7.2AI score0.03332EPSS
Exploits0References8Affected Software2
Debian CVE
Debian CVE
added 2023/10/24 3:31 p.m.84 views

CVE-2023-5363

Issue summary: A bug has been identified in the processing of key and initialisation vector IV lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in...

7.5CVSS6.8AI score0.03332EPSS
Exploits0
Cvelist
Cvelist
added 2023/10/24 3:31 p.m.38 views

CVE-2023-5363 Incorrect cipher key & IV length processing

Issue summary: A bug has been identified in the processing of key and initialisation vector IV lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in...

7.7AI score0.03332EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2023/10/24 3:31 p.m.90 views

CVE-2023-5363

Issue summary: A bug has been identified in the processing of key and initialisation vector IV lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in...

7.5CVSS7.7AI score0.03332EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/10/11 12:0 a.m.27 views

Juniper Junos OS Multiple Vulnerabilities (JSA73176)

The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA73176 advisory. - AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This...

10CVSS8.3AI score0.44881EPSS
Exploits3References4
Broadcom
Broadcom
added 2023/08/01 12:0 a.m.50 views

AES OCB fails to encrypt some bytes

AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption...

5.3CVSS7.4AI score0.04425EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/06/27 1:25 a.m.4 views

SUSE CVE-2023-36660

The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption...

6.1CVSS5.8AI score0.01023EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2023/06/26 9:17 a.m.19 views

CVE-2023-36660

A vulnerability was found in Nettle. The issue occurs in the new Offset Code Book OCB code and may cause a denial of service or other problems, leading to memory corruption...

5.3CVSS7.1AI score0.01023EPSS
Exploits0References4
NVD
NVD
added 2023/06/25 10:15 p.m.17 views

CVE-2023-36660

The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption...

9.8CVSS9.5AI score0.01023EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2023/06/25 10:15 p.m.5 views

CVE-2023-36660

The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption...

9.8CVSS6.7AI score0.01023EPSS
Exploits0References5
Prion
Prion
added 2023/06/25 10:15 p.m.24 views

Memory corruption

The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption...

7.5CVSS9.4AI score0.01023EPSS
Exploits0References4Affected Software1
UbuntuCve
UbuntuCve
added 2023/06/25 10:15 p.m.36 views

CVE-2023-36660

The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption...

9.8CVSS6.4AI score0.01023EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2023/06/25 12:0 a.m.46 views

CVE-2023-36660

The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption...

9.8CVSS6.4AI score0.01023EPSS
Exploits0
Cvelist
Cvelist
added 2023/06/25 12:0 a.m.30 views

CVE-2023-36660

The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption...

9.7AI score0.01023EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/06/25 12:0 a.m.6 views

Linux Nettle 缓冲区错误漏洞

Linux Nettle is an American open source application for Linux. Contains a cryptographic library designed to fit easily into many situations at a low level. A security vulnerability exists in Linux Nettle version 3.9 up to and including version 3.9.1, which stems from an OCB feature in libnettle...

9.8CVSS6.2AI score0.01023EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/06/25 12:0 a.m.6 views

PT-2023-25663 · Nettle · Nettle

Name of the Vulnerable Software and Affected Versions: Nettle versions 3.9 through 3.9.0 Description: The issue allows memory corruption due to a problem in the OCB feature in libnettle. Recommendations: For versions 3.9 through 3.9.0, update to version 3.9.1 or later to resolve the issue...

9.8CVSS6.3AI score0.01023EPSS
Exploits0References9
OSV
OSV
added 2023/06/25 12:0 a.m.5 views

CVE-2023-36660

The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption...

9.8CVSS5.8AI score0.01023EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/06/13 12:0 a.m.33 views

EulerOS Virtualization 3.0.6.0 : openssl (EulerOS-SA-2023-2242)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the da...

7.5CVSS7.6AI score0.59501EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2023/06/12 12:0 a.m.35 views

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2023-2242)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.4AI score0.59501EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/24 12:0 a.m.54 views

Tenable Sensor Proxy < 1.0.7 Multiple Vulnerabilities (TNS-2023-15)

According to its self-reported version, the Tenable Sensor Proxy application running on the remote host is version 1.0.6. It is, therefore, affected by multiple vulnerabilities in OpenSSL prior to version 1.1.1t: - An attacker that had observed a genuine connection between a client and a server...

7.5CVSS7.2AI score0.20444EPSS
Exploits0References6
Rows per page
Query Builder