76 matches found
Astra Linux – Vulnerability in openssl1.0
There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are...
JLSEC-2026-216 There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with...
There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are...
CVE-2026-33488
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the createKeys function in the LoginControl plugin's PGP 2FA system generates 512-bit RSA keys, which have been publicly factorable since 1999. An attacker who obtains a target user's public key can factor the...
CVE-2026-33488 AVideo has a PGP 2FA Bypass via Cryptographically Broken 512-bit RSA Key Generation in LoginControl Plugin
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the createKeys function in the LoginControl plugin's PGP 2FA system generates 512-bit RSA keys, which have been publicly factorable since 1999. An attacker who obtains a target user's public key can factor the...
CVE-2026-33488
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the createKeys function in the LoginControl plugin's PGP 2FA system generates 512-bit RSA keys, which have been publicly factorable since 1999. An attacker who obtains a target user's public key can factor the...
CVE-2026-33488 AVideo has a PGP 2FA Bypass via Cryptographically Broken 512-bit RSA Key Generation in LoginControl Plugin
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the createKeys function in the LoginControl plugin's PGP 2FA system generates 512-bit RSA keys, which have been publicly factorable since 1999. An attacker who obtains a target user's public key can factor the...
CVE-2026-33488 AVideo has a PGP 2FA Bypass via Cryptographically Broken 512-bit RSA Key Generation in LoginControl Plugin
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the createKeys function in the LoginControl plugin's PGP 2FA system generates 512-bit RSA keys, which have been publicly factorable since 1999. An attacker who obtains a target user's public key can factor the...
CVE-2026-33488
WWBN AVideo CVE-2026-33488 affects versions up to 26.0 where the LoginControl plugin’s PGP 2FA key generation uses 512-bit RSA keys. The 512-bit modulus is factorable and, if an attacker obtains a user’s public key, can be factored on commodity hardware to derive the private key and decrypt 2FA c...
GHSA-6M5F-J7W2-W953 AVideo has a PGP 2FA Bypass via Cryptographically Broken 512-bit RSA Key Generation in LoginControl Plugin
Summary The createKeys function in the LoginControl plugin's PGP 2FA system generates 512-bit RSA keys, which have been publicly factorable since 1999. An attacker who obtains a target user's public key can factor the 512-bit RSA modulus on commodity hardware in hours, derive the complete private...
Inadequate Encryption Strength
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Inadequate Encryption Strength due to the use of weak cryptographic key generation in the createKeys function. An attacker can gain unauthorized access to protecte...
PT-2026-26774
Summary The createKeys function in the LoginControl plugin's PGP 2FA system generates 512-bit RSA keys, which have been publicly factorable since 1999. An attacker who obtains a target user's public key can factor the 512-bit RSA modulus on commodity hardware in hours, derive the complete private...
OpenSSL 1.1.1 < 1.1.1e Vulnerability
The version of OpenSSL installed on the remote host is prior to 1.1.1e. It is, therefore, affected by a vulnerability as referenced in the 1.1.1e advisory. - There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are...
SUSE CVE-2019-1551
There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are...
The vulnerability of the encryption algorithm implementation according to GOST 34.12 in the CTR_OMAC library, which is used in the implementation of the OpenSSL protocol, allows a perpetrator to trigger buffer overflows, provided that the server uses 512-bit secret keys.
The vulnerability of the encryption algorithm implementation according to GOST 34.12 for the CTROMAC library, used in the implementation of the OpenSSL protocol, is related to errors in processing the encryption key for the BLOB object a large binary object in the...
DEBIAN-CVE-2022-29242
GOST engine is a reference implementation of the Russian GOST crypto algorithms for OpenSSL. TLS clients using GOST engine when ciphersuite TLSGOSTR341112256WITHKUZNYECHIKCTROMAC is agreed and the server uses 512 bit GOST secret keys are vulnerable to buffer overflow. GOST engine version 3.0.1...
CVE-2022-29242
GOST engine is a reference implementation of the Russian GOST crypto algorithms for OpenSSL. TLS clients using GOST engine when ciphersuite TLSGOSTR341112256WITHKUZNYECHIKCTROMAC is agreed and the server uses 512 bit GOST secret keys are vulnerable to buffer overflow. GOST engine version 3.0.1...
Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects Tivoli Storage Productivity Center (CVE-2015-4000)
Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects Tivoli Storage Productivity Center. UPDATED 1/29/2018: Even after fixing this vulnerability some vulnerability checks might still demand for an even tighter fix. A more comprehensive fix has bee...
NewStart CGSL MAIN 6.02 : openssl Multiple Vulnerabilities (NS-SA-2021-0086)
The remote NewStart CGSL host, running version MAIN 6.02, has openssl packages installed that are affected by multiple vulnerabilities: - There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggest...
Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM DataQuant for Workstation (CVE-2015-4000)
Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM DataQuant for Workstation. Vulnerability Details CVEID: CVE-2015-4000 The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey...
openssl: Integer overflow in RSAZ modular exponentiation on x86_64
An integer overflow was found in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. As per upstream: No EC algorithms are affected. Attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are...