MiracleLinux 4 : openssl-1.0.1e-42.AXS4.1 (AXSA:2015-934:07)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-934:07 advisory. Security issues fixed with this release: CVE-2015-3194 crypto/rsa/rsaameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote...

SUSE SLES15 Security Update : libgcrypt (SUSE-SU-2025:02773-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02773-1 advisory. - CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts bsc1221107. Tenable has...

MGASA-2025-0287 Updated perl-Crypt-OpenSSL-RSA packages fix security vulnerability

Perl-crypt-openssl-rsa: side-channel attack in pkcs1 v1.5 padding mode marvin attack. CVE-2024-2467...

EUVD-2016-0032

Malware in sbrugna...

EUVD-2020-13728

Malware in sbrugna...

EUVD-2020-0167

Malware in sbrugna...

EUVD-2020-13729

Malware in sbrugna...

EUVD-2020-0168

Malware in sbrugna...

EUVD-2016-8292

Malware in sbrugna...

Amazon Linux 2 : perl-Crypt-OpenSSL-RSA (ALAS-2025-2942)

The version of perl-Crypt-OpenSSL-RSA installed on the remote host is prior to 0.28-7. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2942 advisory. A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libgcrypt (SUSE-SU-2025:02447-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02447-1 advisory. - CVE-2024-2236: Fixed timing based side-channel in RSA implementation. bsc1221107 Tenable has extracted...

perl-Crypt-OpenSSL-RSA-0.350.0-1.1 on GA media (moderate)

perl-Crypt-OpenSSL-RSA-0.350.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:15199-1 Rating: moderate Cross-References: CVE-2024-2467 CVSS scores: CVE-2024-2467 SUSE : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: openSUSE Tumbleweed An update that solves one vulnerabili...

CVE-2020-20950

Bleichenbacher's attack on PKCS 1 v1.5 padding for RSA in Microchip Libraries for Applications 2018-11-26 All up to 2018-11-26. The vulnerability can allow one to use Bleichenbacher's oracle attack to decrypt an encrypted ciphertext by making successive queries to the server using the vulnerable...

CVE-2020-20949

Bleichenbacher's attack on PKCS 1 v1.5 padding for RSA in STM32 cryptographic firmware library software expansion for STM32Cube UM1924. The vulnerability can allow one to use Bleichenbacher's oracle attack to decrypt an encrypted ciphertext by making successive queries to the server using the...

CVE-2019-19962

wolfSSL before 4.3.0 mishandles calls to wcSignatureGenerateHash, leading to fault injection in RSA cryptography...

Use Of A Broken Or Risky Cryptographic Algorithm

Easy-RSA is vulnerable to weak encryption algorithm usage. The vulnerability is due to insecure key generation due to the use of a weak default encryption algorithm when creating the private CA key with OpenSSL 3, and attackers can exploit this to more easily brute-force the CA private key and...

CVE-2022-49563 crypto: qat - add param check for RSA

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - add param check for RSA Reject requests with a source buffer that is bigger than the size of the key. This is to prevent a possible integer underflow that might happen when copying the source scatterlist into a line...

CVE-2022-49563

CVE-2022-49563 affects the Linux kernel crypto qat RSA path. The issue arises when copying the source scatterlist into a linear buffer: requests with a source buffer larger than the key are rejected to prevent a possible integer underflow. The CVE is listed as fixed in kernel updates, with relate...

UBUNTU-CVE-2024-13454

Weak encryption algorithm in Easy-RSA version 3.0.5 through 3.1.7 allows a local attacker to more easily bruteforce the private CA key when created using OpenSSL 3...

CVE-2024-13454

CVE-2024-13454 affects Easy-RSA versions 3.0.5 through 3.1.7. The root cause is a weak encryption algorithm when the private CA key is created using OpenSSL 3, enabling a local attacker to more easily bruteforce the private CA key. Impact is limited to confidentiality/integrity of the CA key as i...