CVE-2022-33264

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message...

Stack overflow

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message...

CVE-2022-33264 Stack-based buffer overflow in Modem

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message...

CVE-2022-33264 Stack-based buffer overflow in Modem

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message...

CVE-2022-33264

CVE-2022-33264 is a memory corruption issue in Qualcomm modem components caused by a stack-based buffer overflow during parsing of OTASP Key Generation Request Messages. Affects Qualcomm closed-source/modem firmware; CVSS base score ~7.8–7.9 HIGH with LOCAL exploit. The issue is discussed in Qual...

Qualcomm Chipsets 缓冲区错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a modem memory corruption due to a stack-based buffer overflow when parsing OTASP key generation request messages...

CVE-2022-43485 Insecure random number used for generating keys for signing Jwt tokens

Use of Insufficiently Random Values in Honeywell OneWireless. This vulnerability may allow attacker to manipulate claims in client's JWT token. This issue affects OneWireless version 322.1...

Sh4D0Wup - Signing-key Abuse And Update Exploitation Framework

Signing-key abuse and update exploitation framework. % docker run -it --rm ghcr.io/kpcyrd/sh4d0wup:edge -h Usage: sh4d0wup OPTIONS Commands: bait Start a malicious update server front Bind a http/https server but forward everything unmodified infect High level tampering, inject additional command...

IO FinNet tss-lib vulnerable to timing attack from non-constant time scalar multiplication

io.finnet tss-lib before 2.0.0 can leak a secret key via a timing side-channel attack because it relies on the scalar-multiplication implementation in Go crypto/elliptic, which is not constant time there is an if statement in a loop. One leak is in ecdsa/keygen/round2.go. bnb-chain/tss-lib and...

CVE-2023-26556

io.finnet tss-lib before 2.0.0 can leak a secret key via a timing side-channel attack because it relies on the scalar-multiplication implementation in Go crypto/elliptic, which is not constant time there is an if statement in a loop. One leak is in ecdsa/keygen/round2.go. bnb-chain/tss-lib and...

SUSE-SU-2023:1704-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: Security fixes: - CVE-2023-0464: Fixed excessive Resource Usage Verifying X.509 Policy Constraints bsc1209624. Other fixes: - Fix DH key generation in FIPS mode, add support for constant BN for DH parameters bsc1202062...

SUSE-SU-2023:1703-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: Security fixes: - CVE-2023-0464: Fixed excessive Resource Usage Verifying X.509 Policy Constraints bsc1209624. Other fixes: - Fix DH key generation in FIPS mode, add support for constant BN for DH parameters bsc1202062...

Cisco Adaptive Security Appliances Software 安全特征问题漏洞

Cisco Adaptive Security Appliances Software ASA Software is a set of firewalls and network security platforms from the U.S. company Cisco Cisco. The platform provides features such as highly secure access to data and network resources. A security vulnerability exists in Cisco Adaptive Security...

SUSE-SU-2023:0684-1 Security update for openssl

This update for openssl fixes the following issues: - CVE-2023-0286: Fixed X.400 address type confusion in X.509 GeneralNameFixed bsc1207533. - CVE-2023-0215: Fixed a use-after-free following BIOnewNDEF bsc1207536. - CVE-2022-4304: Fixed a timing oracle in RSA decryption bsc1207534. The following...

gnutls security and bug fix update

3.7.6-18 - Update gnutls-3.7.8-fips-pct-dh.patch to the upstream version 2168610 3.7.6-17 - Fix timing side-channel in TLS RSA key exchange 2162600 3.7.6-16 - fips: extend PCT to DH key generation 2168610 3.7.6-14 - fips: remove library path checking from FIPS integrity check 2149638 - fips: rena...

K15751: OpenSSH vulnerability CVE-2007-0726

Security Advisory Description The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote attackers to cause a denial of service by connecting to the server before SSH has finished creating keys, which causes the keys to be regenerated and can break...

K34146339: OpenSSL vulnerability CVE-2000-1254

Security Advisory Description crypto/rsa/rsagen.c in OpenSSL before 0.9.6 mishandles C bitwise-shift operations that exceed the size of an expression, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging improper RSA key generation on 64-bit HP-UX...

SUSE CVE-2000-1254

crypto/rsa/rsagen.c in OpenSSL before 0.9.6 mishandles C bitwise-shift operations that exceed the size of an expression, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging improper RSA key generation on 64-bit HP-UX platforms...

SUSE CVE-2013-2228

SaltStack RSA Key Generation allows remote users to decrypt communications...

SUSE CVE-2013-4576

GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions with certain patterns that introduce a side channel, which allows physically proximate attackers to extract RSA keys via a chosen-ciphertext attack and acoustic cryptanalysis during decryption. NOTE: applications are not...