Lucene search
K

30 matches found

RedhatCVE
RedhatCVE
added yesterday5 views

CVE-2026-14570

A flaw was found in Crypt::DSA. Versions before 1.22 for Perl use a biased random number generator when creating the Digital Signature Algorithm DSA signing nonce and private key. This bias allows a remote attacker to recover the private key through a lattice attack if they collect a sufficient...

7.5CVSS5.8AI score0.00209EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

MiracleLinux 4 : openssl-1.0.1e-48.3.0.1.AXS4 (AXSA:2016-686:04)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-686:04 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries...

9.8CVSS7.9AI score0.63029EPSS
Exploits2References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2009-4263

Malware in sbrugna...

7.8CVSS6.4AI score0.01426EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-3263

Malware in sbrugna...

5.5CVSS7.5AI score0.01174EPSS
Exploits1References80
RedhatCVE
RedhatCVE
added 2025/05/21 8:18 p.m.7 views

CVE-2009-4295

Sun Ray Server Software 4.0 and 4.1 does not generate a unique DSA private key for the firmware on each Sun Ray 1, 1g, 100, and 150 DTU device, which makes it easier for remote attackers to obtain sensitive information by predicting a key and then using it to decrypt sniffed network traffic...

7.8CVSS6.6AI score0.01426EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.36 views

Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2019-2509)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.99999EPSS
Exploits17References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.43 views

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2016-1047)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.63029EPSS
Exploits2References2
OSV
OSV
added 2018/10/17 4:24 p.m.2 views

GHSA-RRVX-PWF8-P59P In Bouncy Castle JCE Provider the DSA key pair generator generates a weak private key if used with default values

In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key pair generator generates a weak private key if used with default values. If the JCA key pair generator is not explicitly initialised with DSA parameters, 1.55 and earlier generates a private value assuming a 1024 bit key size...

7.5CVSS5.8AI score0.03174EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2017/06/09 12:0 a.m.70 views

F5 Networks BIG-IP : OpenSSL vulnerability (K53084033)

The dsasignsetup function in crypto/dsa/dsaossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack. CVE-2016-2178 File data f5bigipSOL53084033.nasl...

5.5CVSS7.8AI score0.01174EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2016/06/29 12:0 a.m.23 views

OpenSSL Multiple Vulnerabilities -19 (Jun 2016) - Linux

OpenSSL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl"; ifdescription...

9.8CVSS8.3AI score0.44505EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2016/06/29 12:0 a.m.38 views

OpenSSL Multiple Vulnerabilities - 19 (Jun 2016) - Windows

OpenSSL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl"; ifdescription...

9.8CVSS8.3AI score0.44505EPSS
Exploits1References2
Cvelist
Cvelist
added 2016/06/20 12:0 a.m.33 views

CVE-2016-2178

The dsasignsetup function in crypto/dsa/dsaossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack...

7.3AI score0.01174EPSS
Exploits1References69
OSV
OSV
added 2016/06/19 12:0 a.m.6 views

UBUNTU-CVE-2016-2178

The dsasignsetup function in crypto/dsa/dsaossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack...

5.5CVSS6.8AI score0.01174EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2016/06/19 12:0 a.m.40 views

CVE-2016-2178

The dsasignsetup function in crypto/dsa/dsaossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack...

5.5CVSS6.8AI score0.01174EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2016/05/16 12:0 a.m.59 views

Oracle Linux 6 : openssl (ELSA-2016-0996)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-0996 advisory. - fix CVE-2016-2105 - possible overflow in base64 encoding - fix CVE-2016-2106 - possible overflow in EVPEncryptUpdate - fix CVE-2016-2107 - padding...

10CVSS8AI score0.89058EPSS
Exploits8References8
Oracle linux
Oracle linux
added 2016/05/09 12:0 a.m.92 views

openssl security update

1.0.1e-51.5 - fix CVE-2016-2105 - possible overflow in base64 encoding - fix CVE-2016-2106 - possible overflow in EVPEncryptUpdate - fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC - fix CVE-2016-2108 - memory corruption in ASN.1 encoder - fix CVE-2016-2109 - possible DoS when readi...

10CVSS2AI score0.89058EPSS
Exploits8
IBM AIX
IBM AIX
added 2016/04/04 11:4 a.m.219 views

Multiple vulnerabilities in OpenSSL affect AIX

IBM SECURITY ADVISORY First Issued: Mon Apr 4 11:04:25 CDT 2016 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/openssladvisory18.asc https://aix.software.ibm.com/aix/efixes/security/openssladvisory18.asc...

10CVSS9.1AI score0.82112EPSS
Exploits2
Amazon
Amazon
added 2016/03/10 12:0 a.m.86 views

Important: openssl

Issue Overview: A padding oracle flaw was found in the Secure Sockets Layer version 2.0 SSLv2 protocol. An attacker can potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This...

10CVSS8.9AI score0.82112EPSS
Exploits2
NVD
NVD
added 2016/03/03 8:59 p.m.21 views

CVE-2016-0705

Double free vulnerability in the dsaprivdecode function in crypto/dsa/dsaameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via a malformed DSA private key...

10CVSS7AI score0.26335EPSS
Exploits1References57
OSV
OSV
added 2016/03/03 8:59 p.m.10 views

CVE-2016-0705

Double free vulnerability in the dsaprivdecode function in crypto/dsa/dsaameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via a malformed DSA private key...

9.8CVSS7.8AI score
Exploits0References57
Rows per page
Query Builder