Lucene search
K

19 matches found

OSV
OSV
added 2026/04/27 6:33 p.m.10 views

JLSEC-2026-250 Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary...

Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...

5.3CVSS6.6AI score0.01131EPSS
Exploits0References10
OSV
OSV
added 2026/04/27 6:33 p.m.13 views

JLSEC-2026-277 Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key...

Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious peer. Impact summary: The uninitialized buffer might contain sensitive data from the previous execution of the application process whi...

7.5CVSS8.1AI score0.00981EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/04/07 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-31790

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicio...

7.5CVSS7.5AI score0.00981EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 9 : edk2-20240524-6.el9 (AXSA:2024-9428:12)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9428:12 advisory. mysql: openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC CVE-2023-6129 openssl: Excessive time spent checking invalid RSA...

6.5CVSS6.5AI score0.03174EPSS
Exploits0References5
Redos
Redos
added 2025/08/26 12:0 a.m.5 views

ROS-20250826-02

The vulnerability of the Diffie-Hellman key negotiation protocol is related to unnecessary public key checking in the Diffie-Hellman key negotiation protocol when using an approved secure prime number. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...

7.5CVSS7AI score0.01083EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-4603

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or...

5.3CVSS6.7AI score0.01131EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-6237

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVPPKEYpubliccheck to...

5.9CVSS6.3AI score0.02303EPSS
Exploits0References2
OSV
OSV
added 2025/07/04 2:44 p.m.6 views

OESA-2025-1747 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications th...

5.3CVSS6.9AI score0.04459EPSS
Exploits0References2
OSV
OSV
added 2024/05/16 4:15 p.m.5 views

AZL-78534 CVE-2024-4603 affecting package openssl-fips-provider 3.1.2-1

Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...

5.3CVSS6.6AI score0.01131EPSS
Exploits0References1
OSV
OSV
added 2024/05/16 4:15 p.m.8 views

AZL-42766 CVE-2024-4603 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1

Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...

5.3CVSS6.6AI score0.01131EPSS
Exploits0References1
OSV
OSV
added 2024/05/16 4:15 p.m.7 views

AZL-47684 CVE-2024-4603 affecting package hvloader for versions less than 1.0.1-6

Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...

5.3CVSS6.6AI score0.01131EPSS
Exploits0References1
OSV
OSV
added 2024/05/16 4:15 p.m.4 views

ALPINE-CVE-2024-4603

Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...

5.3CVSS6.9AI score0.01131EPSS
Exploits0References1
OSV
OSV
added 2024/01/22 4:33 p.m.6 views

SUSE-SU-2024:0172-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2023-6129: Fixed vector register clobbering on PowerPC. bsc1218690 - CVE-2023-6237: Fixed excessive time spent checking invalid RSA public keys. bsc1218810...

6.5CVSS6.5AI score0.02323EPSS
Exploits0References5
Amazon
Amazon
added 2023/12/04 12:0 a.m.4 views

Medium: openssl-snapsafe

Issue Overview: Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that...

5.3CVSS7.8AI score0.04459EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/11/08 1:53 a.m.3 views

SUSE CVE-2023-5678

Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that use...

5.3CVSS6.5AI score0.04459EPSS
Exploits0References50
OSV
OSV
added 2023/11/06 4:15 p.m.6 views

AZL-34666 CVE-2023-5678 affecting package edk2 for versions less than 20230301gitf80f052277c8-38

Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that use...

5.3CVSS6.6AI score0.04459EPSS
Exploits0References1
OSV
OSV
added 2023/11/06 4:15 p.m.8 views

AZL-42736 CVE-2023-5678 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1

Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that use...

5.3CVSS6.6AI score0.04459EPSS
Exploits0References1
OSV
OSV
added 2023/11/06 4:15 p.m.4 views

ALPINE-CVE-2023-5678

Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that use...

5.3CVSS7AI score0.04459EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/10/24 12:0 a.m.5 views

PT-2023-7560

Name of the Vulnerable Software and Affected Versions OpenSSL versions prior to 1.1.1w Description The issue is related to the generation and checking of excessively long X9.42 DH keys or parameters, which may cause long delays in applications using the affected functions. This can lead to a Deni...

5.3CVSS8AI score0.04459EPSS
Exploits0References170
Rows per page
Query Builder