23 matches found
CVE-2026-5477
An integer overflow existed in the wolfCrypt CMAC implementation, that could be exploited to forge CMAC tags. The function wcCmacUpdate used the guard if cmac-totalSz != 0 to skip XOR-chaining on the first block where digest is all-zeros and the XOR is a no-op. However, totalSz is word32 and wrap...
CVE-2026-29144
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass subject sanitization and forge security tags using Unicode lookalike characters...
CVE-2026-29144
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass subject sanitization and forge security tags using Unicode lookalike characters...
CVE-2026-29141 Bounded Subject Tag Sanitization
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass subject sanitization and forge tags such as signed OK...
SEPPmail Secure Email Gateway 安全漏洞
SEPPmail Secure Email Gateway is an email security gateway developed by the German company SEPPmail. Versions of SEPPmail Secure Email Gateway prior to version 15.0.3 contained security vulnerabilities. These vulnerabilities stemmed from allowing attackers to bypass subject cleanup and forge tags...
BIT-CEPH-2020-1759
A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the...
EUVD-2026-12099
simplesamlphp/xml-security: Missing AES-GCM Authentication Tag Validation on Encrypted Nodes Allows for Unauthorized Decryption...
Linux Distros Unpatched Vulnerability : CVE-2018-1000539
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nov json-jwt version = 0.5.0 && = 0.5.0 && 1.9.4 contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability in Decryption of AES-GCM...
RHEL 7 : python-cryptography (RHSA-2018:3600)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2018:3600 advisory. The python-cryptography packages contain a Python Cryptographic Authority's PyCA's cryptography library, which provides cryptographic primitives and...
SUSE: Security Advisory (SUSE-SU-2020:0790-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ceph: secure mode of msgr2 breaks both confidentiality and integrity aspects for long-lived sessions
A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session. Messages encrypted using a reused nonce value are susceptible to serious...
SUSE SLES12 Security Update : python-cffi, python-cryptography, python-xattr (SUSE-SU-2020:0790-1)
This update for python-cffi, python-cryptography and python-xattr fixes the following issues : Security issue fixed : CVE-2018-10903: Fixed GCM tag forgery via truncated tag in finalizewithtag API bsc1101820. Non-security issues fixed : python-cffi was updated to 1.11.2 bsc1138748, jscECO-1256,...
SUSE-SU-2020:0792-1 Security update for python-cffi, python-cryptography
This update for python-cffi, python-cryptography fixes the following issues: Security issue fixed: - CVE-2018-10903: Fixed GCM tag forgery via truncated tag in finalizewithtag API bsc1101820. Non-security issues fixed: python-cffi was updated to 1.11.2 bsc1138748, jscECO-1256, jscPM-1598: - fixed...
python-cryptography: GCM tag forgery via truncated tag in finalize_with_tag API
A flaw was found in python-cryptography versions between =1.9.0 and 2.3. The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1 byte suc...
Moderate: Red Hat Security Advisory: python-cryptography security update
An update for python-cryptography is now available for Red Hat OpenStack Platform 13.0 Queens. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Fedora 27 : python-cryptography / python-cryptography-vectors (2018-06c24068c6)
New upstream release 2.3 Fixes possible tag truncation security bug in AEAD API, see RHBZ1602752 2.3 - 2018-07-18 - SECURITY ISSUE: finalizewithtag allowed tag truncation by default which can allow tag forgery in some cases. The method now enforces the mintaglength provided to the GCM constructor...
GHSA-FCF9-3QW3-GXMJ PyCA Cryptography vulnerable to GCM tag forgery
A flaw was found in python-cryptography versions between =1.9.0 and 2.3. The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1 byte suc...
PyCA Cryptography vulnerable to GCM tag forgery
A flaw was found in python-cryptography versions between =1.9.0 and 2.3. The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1 byte suc...
PYSEC-2018-52
A flaw was found in python-cryptography versions between =1.9.0 and 2.3. The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1 byte suc...
Input validation
A flaw was found in python-cryptography versions between =1.9.0 and 2.3. The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1 byte suc...