EUVD-2022-1888

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2019-11756

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper refcounting of soft token session objects could cause a use-after-free and crash likely limited to a denial of service. This vulnerability affects...

SUSE CVE-2019-11756

Improper refcounting of soft token session objects could cause a use-after-free and crash likely limited to a denial of service. This vulnerability affects Firefox 71...

SUSE CVE-2021-3798

A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via CCreateObject, nor when CDeriveKey is used with ECDH public data. This may allow a malicious user to extract the private key by performing an invalid curve attack...

AZL-10659 CVE-2021-3798 affecting package opencryptoki for versions less than 3.17.0-1

A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via CCreateObject, nor when CDeriveKey is used with ECDH public data. This may allow a malicious user to extract the private key by performing an invalid curve attack...

CVE-2021-3798

A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via CCreateObject, nor when CDeriveKey is used with ECDH public data. This may allow a malicious user to extract the private key by performing an invalid curve attack...

CVE-2021-3798

A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via CCreateObject, nor when CDeriveKey is used with ECDH public data. This may allow a malicious user to extract the private key by performing an invalid curve attack...

PT-2022-10686 · Unknown · Opencryptoki

Name of the Vulnerable Software and Affected Versions: openCryptoki affected versions not specified Description: A flaw was found in openCryptoki, where the openCryptoki Soft token does not validate the EC key when it is created via C CreateObject or when C DeriveKey is used with ECDH public data...

EulerOS Virtualization 2.9.0 : nss (EulerOS-SA-2022-2203)

According to the versions of the nss packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Improper refcounting of soft token session objects could cause a use-after-free and crash likely limited to a denial of service. Thi...

EulerOS 2.0 SP9 : nss (EulerOS-SA-2022-1871)

According to the versions of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Improper refcounting of soft token session objects could cause a use-after-free and crash likely limited to a denial of service. This vulnerability...

JBoss KeyCloak is vulnerable to soft token deletion via CSRF

JBoss KeyCloak is vulnerable to soft token deletion via CSRF. This issue is fixed in Keycloak 1.0.2.Final...

GHSA-237Q-6HJP-PCHQ JBoss KeyCloak is vulnerable to soft token deletion via CSRF

JBoss KeyCloak is vulnerable to soft token deletion via CSRF. This issue is fixed in Keycloak 1.0.2.Final...

CVE-2021-3798

A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via CCreateObject, nor when CDeriveKey is used with ECDH public data. This may allow a malicious user to extract the private key by performing an invalid curve attack...

openCryptoki: Soft token does not check if an EC key is valid

A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via CCreateObject, nor when CDeriveKey is used with ECDH public data. This may allow a malicious user to extract the private key by performing an invalid curve attack...

ALBA-2021:3054 opencryptoki bug fix and enhancement update

The opencryptoki packages contain version 2.11 of the PKCS11 API, implemented for IBM Cryptocards, such as IBM 4764 and 4765 crypto cards. These packages includes support for the IBM 4758 Cryptographic CoProcessor with the PKCS11 firmware loaded, the IBM eServer Cryptographic Accelerator FC 4960 ...

How to Install and Configure RSA Soft Token on iOS Receiver

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. A recent update to the Citrix Receiver for iOS, adds integration of the RSA token to allow access to...

NewStart CGSL MAIN 6.02 : nss Multiple Vulnerabilities (NS-SA-2021-0053)

The remote NewStart CGSL host, running version MAIN 6.02, has nss packages installed that are affected by multiple vulnerabilities: - Improper refcounting of soft token session objects could cause a use-after-free and crash likely limited to a denial of service. This vulnerability affects Firefox...

CVE-2019-11756

Improper refcounting of soft token session objects could cause a use-after-free and crash likely limited to a denial of service. This vulnerability affects Firefox 71...

CVE-2019-11756

Improper refcounting of soft token session objects could cause a use-after-free and crash likely limited to a denial of service. This vulnerability affects Firefox 71...

Input validation

Improper refcounting of soft token session objects could cause a use-after-free and crash likely limited to a denial of service. This vulnerability affects Firefox 71...