Linux Distros Unpatched Vulnerability : CVE-2022-2274

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X8664 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA...

PT-2025-32241 · Unknown · Thinbus-Srp-Npm

Name of the Vulnerable Software and Affected Versions: thinbus-srp-npm versions 2.0.0 and below Description: A protocol compliance bug exists in the Javascript Secure Remote Password implementation, specifically in the client's entropy generation. The client generates a fixed 252 bits of entropy...

Benchmarking RSA Key Generation

RSA key generation is both conceptually simple, and one of the worst implementation tasks of the field of cryptography engineering. Even benchmarking it is tricky, and involves some math: here’s how we generated a stable but representative “average case” instead of using the ordinary statistical...

RHEL 8 : libtpms (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libtpms: out-of-bounds access when trying to resume the state of the vTPM CVE-2021-3623 - A flaw was foun...

curl security update

7.29.0-59.0.3.el79.2 - load CA certificates even with --insecure Orabug: 32836997 - Fix TFTP small blocksize heap buffer overflow https://curl.haxx.se/docs/CVE-2019-5482.htmlCVE-2019-5482Orabug: 30568724 - Security Fixes OraBug: 28939992 - CVE-2016-8615 cookie injection for other servers...

K59313410: OpenSSL vulnerability CVE-2022-2274

Security Advisory Description The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X8664 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during...

SUSE CVE-2017-7526

libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately more computation. This...

Exploit for Out-of-bounds Write in Openssl

CVE-2022-2274 A POC OF CVE-2022-2274 openssl The OpenSSL 3...

RUSTSEC-2022-0033 Heap memory corruption with RSA private key operation

The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X8664 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a...

openssl-src heap memory corruption with RSA private key operation

The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X8664 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a...

GHSA-735F-PG76-FXC4 openssl-src heap memory corruption with RSA private key operation

The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X8664 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a...

CVE-2022-2274

The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X8664 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a...

Memory corruption

The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X8664 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a...

CVE-2022-2274

The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X8664 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a...

CVE-2022-2274

The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X8664 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a...

Design/Logic Flaw

A flaw was found in libtpms in versions before 0.8.0. The TPM 2 implementation returns 2048 bit keys with 1984 bit strength due to a bug in the TCG specification. The bug is in the key creation algorithm in RsaAdjustPrimeCandidate, which is called before the prime number check. The highest threat...

SUSE: Security Advisory (SUSE-SU-2015:1344-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 Security Update : gnutls (SUSE-SU-2020:2988-1)

This update for gnutls fixes the following issues : Fix heap buffer overflow in handshake with norenegotiation alert sent CVE-2020-24659 bsc1176181 FIPS: Implement ECDH requirements from SP800-56Arev3 bsc1176086 FIPS: Use 2048 bit prime in DH selftest bsc1176086 FIPS: Add TLS KDF selftest...

openSUSE: Security Advisory for gnutls (openSUSE-SU-2020:1743-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for gnutls (moderate)

openSUSE Security Update: Security update for gnutls Announcement ID: openSUSE-SU-2020:1743-1 Rating: moderate References: 1176086 1176181 1176671 Cross-References: CVE-2020-24659 Affected Products: openSUSE Leap 15.2 An update that solves one vulnerability and has two fixes is now available...