EUVD-2026-36411

A Missing Required Cryptographic Step vulnerability has been identified in Moxa's embedded Linux firmware for industrial computers and controllers. This vulnerability represents an incomplete remediation of CVE-2026-0714. The firmware introduced TPM2 parameter encryption as a countermeasure again...

PT-2026-48857

A Missing Required Cryptographic Step vulnerability has been identified in Moxa's embedded Linux firmware for industrial computers and controllers. This vulnerability represents an incomplete remediation of CVE-2026-0714. The firmware introduced TPM2 parameter encryption as a countermeasure again...

Missing Cryptographic Step

Overview Affected versions of this package are vulnerable to Missing Cryptographic Step in EVPPKEYderivesetpeer when called with a DHX X9.42 peer key. A malicious peer can recover the victim's private key. A peer presenting an X9.42 key that carries the victim's p and g, and a forged q passes all...

Missing Cryptographic Step

Overview Affected versions of this package are vulnerable to Missing Cryptographic Step due to the lack of enforcement for receiving a cryptographically-signed final chunk before the termination of the outer HTTP body. An attacker can cause undetected truncation of chunked messages by forwarding...

Missing Cryptographic Step

jsrsasign is vulnerable to Missing Cryptographic Step. The vulnerability is due to improper handling of invalid DSA signature values without retry logic, which allows an attacker to recover the private key by forcing signature parameters to predictable values...

CVE-2026-4601

Versions of the package jsrsasign before 11.1.1 are vulnerable to Missing Cryptographic Step via the KJUR.crypto.DSA.signWithMessageHash process in the DSA signing implementation. An attacker can recover the private key by forcing r or s to be zero, so the library emits an invalid signature witho...

DEBIAN-CVE-2026-3230

Missing required cryptographic step in the TLS 1.3 client HelloRetryRequest handshake logic in wolfSSL could lead to a compromise in the confidentiality of TLS-protected communications via a crafted HelloRetryRequest followed by a ServerHello message that omits the required keyshare extension,...

CVE-2025-47383 Missing Cryptographic Step in Data Modem

Weak configuration may lead to cryptographic issue when a VoWiFi call is triggered from UE...

CVE-2025-47383

CVE-2025-47383 describes a weak configuration that may cause a cryptographic issue when a VoWiFi call is triggered from UE. Connected records repeat the description and list a CVSS v3.1 base score of 7.2 (HIGH) with NETWORK attack vector, low attack complexity, and high impact on confidentiality,...

Missing Cryptographic Step

Overview jsrsasign is a free pure JavaScript cryptographic library. Affected versions of this package are vulnerable to Missing Cryptographic Step via the KJUR.crypto.DSA.signWithMessageHash process in the DSA signing implementation. An attacker can recover the private key by forcing r or s to be...

Missing Cryptographic Step

Overview org.webjars.npm:jsrsasign is a free pure JavaScript cryptographic library. Affected versions of this package are vulnerable to Missing Cryptographic Step via the KJUR.crypto.DSA.signWithMessageHash process in the DSA signing implementation. An attacker can recover the private key by...

Missing Cryptographic Step

Overview Affected versions of this package are vulnerable to Missing Cryptographic Step that exposes the final 1-15 bytes of a message when the low-level OCB API is used directly with AES-NI or other hardware accelerated code paths. Common implementations of openssl using EVP are not vulnerable...

CVE-2025-60704

Missing cryptographic step in Windows Kerberos allows an unauthorized attacker to elevate privileges over a network...

CVE-2025-60704

Missing cryptographic step in Windows Kerberos allows an unauthorized attacker to elevate privileges over a network...

CVE-2025-60704

Missing cryptographic step in Windows Kerberos allows an unauthorized attacker to elevate privileges over a network...

CVE-2020-9158

There is a Missing Cryptographic Step vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause DoS of Samgr...

CVE-2025-3938

Missing Cryptographic Step vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before...

CVE-2025-3938

CVE-2025-3938 describes a Missing Cryptographic Step vulnerability in Tridium Niagara Framework and Niagara Enterprise Security across Windows, Linux and QNX. Affected versions are Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before ...

Missing Cryptographic Step

Overview openssl is a package that wraps the OpenSSL library. Affected versions of this package are vulnerable to Missing Cryptographic Step when the EVPEncryptInitex2, EVPDecryptInitex2 or EVPCipherInitex2 functions are used. An attacker can cause truncation or overreading of key and...

CVE-2023-34471 Missing Cryptographic Step

AMI SPx contains a vulnerability in the BMC where a user may cause a missing cryptographic step by generating a hash-based message authentication code HMAC. A successful exploit of this vulnerability may lead to the loss confidentiality, integrity, and authentication...