Lucene search
K

76 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in openssl1.0

There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are...

5.3CVSS6.6AI score0.14298EPSS
Exploits0References1
OSV
OSV
added 2026/04/27 6:33 p.m.13 views

JLSEC-2026-216 There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with...

There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are...

5.3CVSS6.3AI score0.14298EPSS
Exploits0References37
NVD
NVD
added 2026/03/23 4:16 p.m.5 views

CVE-2026-33488

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the createKeys function in the LoginControl plugin's PGP 2FA system generates 512-bit RSA keys, which have been publicly factorable since 1999. An attacker who obtains a target user's public key can factor the...

8.1CVSS0.00251EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/23 3:23 p.m.22 views

CVE-2026-33488 AVideo has a PGP 2FA Bypass via Cryptographically Broken 512-bit RSA Key Generation in LoginControl Plugin

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the createKeys function in the LoginControl plugin's PGP 2FA system generates 512-bit RSA keys, which have been publicly factorable since 1999. An attacker who obtains a target user's public key can factor the...

7.4CVSS0.00251EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/23 3:23 p.m.5 views

CVE-2026-33488

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the createKeys function in the LoginControl plugin's PGP 2FA system generates 512-bit RSA keys, which have been publicly factorable since 1999. An attacker who obtains a target user's public key can factor the...

7.4CVSS5.7AI score0.00251EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/23 3:23 p.m.3 views

CVE-2026-33488 AVideo has a PGP 2FA Bypass via Cryptographically Broken 512-bit RSA Key Generation in LoginControl Plugin

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the createKeys function in the LoginControl plugin's PGP 2FA system generates 512-bit RSA keys, which have been publicly factorable since 1999. An attacker who obtains a target user's public key can factor the...

7.4CVSS5.7AI score0.00251EPSS
Exploits1References2
OSV
OSV
added 2026/03/23 3:23 p.m.5 views

CVE-2026-33488 AVideo has a PGP 2FA Bypass via Cryptographically Broken 512-bit RSA Key Generation in LoginControl Plugin

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the createKeys function in the LoginControl plugin's PGP 2FA system generates 512-bit RSA keys, which have been publicly factorable since 1999. An attacker who obtains a target user's public key can factor the...

7.4CVSS5.8AI score0.00251EPSS
Exploits1References4
CVE
CVE
added 2026/03/23 3:23 p.m.10 views

CVE-2026-33488

WWBN AVideo CVE-2026-33488 affects versions up to 26.0 where the LoginControl plugin’s PGP 2FA key generation uses 512-bit RSA keys. The 512-bit modulus is factorable and, if an attacker obtains a user’s public key, can be factored on commodity hardware to derive the private key and decrypt 2FA c...

8.1CVSS5.7AI score0.00251EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/03/20 8:49 p.m.4 views

GHSA-6M5F-J7W2-W953 AVideo has a PGP 2FA Bypass via Cryptographically Broken 512-bit RSA Key Generation in LoginControl Plugin

Summary The createKeys function in the LoginControl plugin's PGP 2FA system generates 512-bit RSA keys, which have been publicly factorable since 1999. An attacker who obtains a target user's public key can factor the 512-bit RSA modulus on commodity hardware in hours, derive the complete private...

7.4CVSS5.9AI score0.00251EPSS
Exploits1References4
Snyk
Snyk
added 2026/03/20 8:49 p.m.3 views

Inadequate Encryption Strength

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Inadequate Encryption Strength due to the use of weak cryptographic key generation in the createKeys function. An attacker can gain unauthorized access to protecte...

9.2CVSS5.8AI score0.00251EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.5 views

PT-2026-26774

Summary The createKeys function in the LoginControl plugin's PGP 2FA system generates 512-bit RSA keys, which have been publicly factorable since 1999. An attacker who obtains a target user's public key can factor the 512-bit RSA modulus on commodity hardware in hours, derive the complete private...

7.4CVSS5.9AI score0.00251EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2024/06/07 12:0 a.m.19 views

OpenSSL 1.1.1 < 1.1.1e Vulnerability

The version of OpenSSL installed on the remote host is prior to 1.1.1e. It is, therefore, affected by a vulnerability as referenced in the 1.1.1e advisory. - There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are...

5.3CVSS6.9AI score0.14298EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:19 a.m.4 views

SUSE CVE-2019-1551

There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are...

5.3CVSS6.7AI score0.14298EPSS
Exploits0References57
BDU FSTEC
BDU FSTEC
added 2022/05/26 12:0 a.m.3 views

The vulnerability of the encryption algorithm implementation according to GOST 34.12 in the CTR_OMAC library, which is used in the implementation of the OpenSSL protocol, allows a perpetrator to trigger buffer overflows, provided that the server uses 512-bit secret keys.

The vulnerability of the encryption algorithm implementation according to GOST 34.12 for the CTROMAC library, used in the implementation of the OpenSSL protocol, is related to errors in processing the encryption key for the BLOB object a large binary object in the...

5.9CVSS7.4AI score0.01563EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2022/05/24 3:15 p.m.2 views

DEBIAN-CVE-2022-29242

GOST engine is a reference implementation of the Russian GOST crypto algorithms for OpenSSL. TLS clients using GOST engine when ciphersuite TLSGOSTR341112256WITHKUZNYECHIKCTROMAC is agreed and the server uses 512 bit GOST secret keys are vulnerable to buffer overflow. GOST engine version 3.0.1...

7.5CVSS7.7AI score0.01563EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2022/05/24 2:55 p.m.35 views

CVE-2022-29242

GOST engine is a reference implementation of the Russian GOST crypto algorithms for OpenSSL. TLS clients using GOST engine when ciphersuite TLSGOSTR341112256WITHKUZNYECHIKCTROMAC is agreed and the server uses 512 bit GOST secret keys are vulnerable to buffer overflow. GOST engine version 3.0.1...

7.5CVSS7.6AI score0.01563EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/22 7:50 p.m.48 views

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects Tivoli Storage Productivity Center (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects Tivoli Storage Productivity Center. UPDATED 1/29/2018: Even after fixing this vulnerability some vulnerability checks might still demand for an even tighter fix. A more comprehensive fix has bee...

4.3CVSS4.5AI score0.9986EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.205 views

NewStart CGSL MAIN 6.02 : openssl Multiple Vulnerabilities (NS-SA-2021-0086)

The remote NewStart CGSL host, running version MAIN 6.02, has openssl packages installed that are affected by multiple vulnerabilities: - There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggest...

5.9CVSS6.8AI score0.14298EPSS
Exploits3References3
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/12 1:59 p.m.35 views

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM DataQuant for Workstation (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM DataQuant for Workstation. Vulnerability Details CVEID: CVE-2015-4000 The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey...

4.3CVSS0.7AI score0.9986EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2020/10/28 4:2 p.m.5 views

openssl: Integer overflow in RSAZ modular exponentiation on x86_64

An integer overflow was found in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. As per upstream: No EC algorithms are affected. Attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are...

5.3CVSS6.6AI score0.14298EPSS
Exploits0References6
Rows per page
Query Builder