Tag

Cryptography

4 briefs RSS

CVE-2026-1005 Integer Underflow in AES-GCM/CCM/ARIA-GCM Decryption

CVE-2026-1005 is an integer underflow vulnerability in a Microsoft product that leads to out-of-bounds memory access during AES-GCM/CCM/ARIA-GCM decryption processes, potentially allowing for code execution or information disclosure.

cve cryptography memory corruption aes-gcm

2r 1t 1c 4d ago

high advisory

Suspicious PowerShell Script Using Cryptography Namespace

2 rules 1 TTP

The analytic detects suspicious PowerShell script execution involving the cryptography namespace (excluding SHA and MD5) via EventCode 4104, often associated with malware that decrypts or decodes additional malicious payloads leading to further code execution, privilege escalation, or persistence.

Splunk Enterprise +2 powershell cryptography malware asyncrat xworm vip keylogger

2r 1t Jan 3, 2024

high advisory

Heap/Stack Overflow in rust-openssl with OpenSSL 1.1.x

2 rules

The rust-openssl crate's `Deriver::derive` and `PkeyCtxRef::derive` functions can cause heap/stack overflows when used with OpenSSL 1.1.x due to insufficient buffer length validation in X25519, X448, DH, and HKDF-extract, affecting rust-openssl versions >= 0.9.27 and < 0.10.78.

openssl buffer-overflow rust cryptography

2r Jan 3, 2024

high advisory

CVE-2018-0735 ECDSA Signature Generation Timing Attack

2 rules 1 TTP 1 CVE

CVE-2018-0735 is a timing attack vulnerability in ECDSA signature generation affecting Microsoft products, potentially allowing attackers to recover private keys.

ecdsa timing-attack cryptography

2r 1t 1c Jan 2, 2024