75 matches found
Astra Linux - уязвимость в openssl1.0
There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are...
JLSEC-2026-216 There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with...
There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are...
CVE-2026-33488
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the createKeys function in the LoginControl plugin's PGP 2FA system generates 512-bit RSA keys, which have been publicly factorable since 1999. An attacker who obtains a target user's public key can factor the...
CVE-2026-33488 AVideo has a PGP 2FA Bypass via Cryptographically Broken 512-bit RSA Key Generation in LoginControl Plugin
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the createKeys function in the LoginControl plugin's PGP 2FA system generates 512-bit RSA keys, which have been publicly factorable since 1999. An attacker who obtains a target user's public key can factor the...
CVE-2026-33488 AVideo has a PGP 2FA Bypass via Cryptographically Broken 512-bit RSA Key Generation in LoginControl Plugin
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the createKeys function in the LoginControl plugin's PGP 2FA system generates 512-bit RSA keys, which have been publicly factorable since 1999. An attacker who obtains a target user's public key can factor the...
CVE-2026-33488
CVE-2026-33488 (AVideo LoginControl plugin) is documented in the GHSA advisory as a vulnerability where the LoginControl plugin generates 512-bit RSA keys for PGP 2FA. The 512-bit keys are publicly factorizable since 1999, enabling an attacker who obtains a target public key to factor the modulus...
CVE-2026-33488
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the createKeys function in the LoginControl plugin's PGP 2FA system generates 512-bit RSA keys, which have been publicly factorable since 1999. An attacker who obtains a target user's public key can factor the...
CVE-2026-33488 AVideo has a PGP 2FA Bypass via Cryptographically Broken 512-bit RSA Key Generation in LoginControl Plugin
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the createKeys function in the LoginControl plugin's PGP 2FA system generates 512-bit RSA keys, which have been publicly factorable since 1999. An attacker who obtains a target user's public key can factor the...
GHSA-6M5F-J7W2-W953 AVideo has a PGP 2FA Bypass via Cryptographically Broken 512-bit RSA Key Generation in LoginControl Plugin
Summary The createKeys function in the LoginControl plugin's PGP 2FA system generates 512-bit RSA keys, which have been publicly factorable since 1999. An attacker who obtains a target user's public key can factor the 512-bit RSA modulus on commodity hardware in hours, derive the complete private...
Inadequate Encryption Strength
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Inadequate Encryption Strength due to the use of weak cryptographic key generation in the createKeys function. An attacker can gain unauthorized access to protecte...
PT-2026-26774
Summary The createKeys function in the LoginControl plugin's PGP 2FA system generates 512-bit RSA keys, which have been publicly factorable since 1999. An attacker who obtains a target user's public key can factor the 512-bit RSA modulus on commodity hardware in hours, derive the complete private...
OpenSSL 1.1.1 < 1.1.1e Vulnerability
The version of OpenSSL installed on the remote host is prior to 1.1.1e. It is, therefore, affected by a vulnerability as referenced in the 1.1.1e advisory. - There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are...
SUSE CVE-2019-1551
There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are...
DEBIAN-CVE-2022-29242
GOST engine is a reference implementation of the Russian GOST crypto algorithms for OpenSSL. TLS clients using GOST engine when ciphersuite TLSGOSTR341112256WITHKUZNYECHIKCTROMAC is agreed and the server uses 512 bit GOST secret keys are vulnerable to buffer overflow. GOST engine version 3.0.1...
CVE-2022-29242
GOST engine is a reference implementation of the Russian GOST crypto algorithms for OpenSSL. TLS clients using GOST engine when ciphersuite TLSGOSTR341112256WITHKUZNYECHIKCTROMAC is agreed and the server uses 512 bit GOST secret keys are vulnerable to buffer overflow. GOST engine version 3.0.1...
Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects Tivoli Storage Productivity Center (CVE-2015-4000)
Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects Tivoli Storage Productivity Center. UPDATED 1/29/2018: Even after fixing this vulnerability some vulnerability checks might still demand for an even tighter fix. A more comprehensive fix has bee...
NewStart CGSL MAIN 6.02 : openssl Multiple Vulnerabilities (NS-SA-2021-0086)
The remote NewStart CGSL host, running version MAIN 6.02, has openssl packages installed that are affected by multiple vulnerabilities: - There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggest...
Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM DataQuant for Workstation (CVE-2015-4000)
Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM DataQuant for Workstation. Vulnerability Details CVEID: CVE-2015-4000 The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey...
openssl: Integer overflow in RSAZ modular exponentiation on x86_64
An integer overflow was found in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. As per upstream: No EC algorithms are affected. Attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are...
CVE-2020-10125
NCR SelfServ ATMs running APTRA XFS 04.02.01 and 05.01.00 implement 512-bit RSA certificates to validate bunch note acceptor BNA software updates, which can be broken by an attacker with physical access in a sufficiently short period of time, thereby enabling the attacker to sign arbitrary files...