12 matches found
MINI-RH2M-43MP-5VMP
Bulletin has no description...
MINI-M389-4C4H-2M55
Bulletin has no description...
USN-7264-1 openssl vulnerabilities
It was discovered that OpenSSL clients incorrectly handled authenticating servers using RFC7250 Raw Public Keys. In certain cases, the connection will not abort as expected, possibly causing the communication to be intercepted. CVE-2024-12797 George Pantelakis and Alicja Kario discovered that...
OESA-2024-2480 openssl security update
OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: Use of the low-level GF2^m elliptic curve APIs with untrusted explicit values for the field polynomial can lead to...
Vulnerability of the functions EC_GROUP_new_curve_GF2m(), EC_GROUP_new_from_params(), and BN_GF2m_*() in the Elliptic Curve API of the OpenSSL cryptographic library, which allows a hacker to execute arbitrary code.
The vulnerabilities of the functions ECGROUPnewcurveGF2m, ECGROUPnewfromparams, and BNGF2m in the Elliptic Curve API of the OpenSSL cryptographic library are exploited due to a buffer overflow in the queue. Exploiting these vulnerabilities could allow a remote attacker to execute arbitrary code...
org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service
A vulnerability was found in Bouncy Castle. An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java BC Java. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters...
SUSE CVE-2024-29857
An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java BC Java before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of th...
SUSE CVE-2023-50980
gf2n.cpp in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service application crash via DER public-key data for an F2^m curve, if the degree of each term in the polynomial is not strictly decreasing...
DEBIAN-CVE-2023-50980
gf2n.cpp in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service application crash via DER public-key data for an F2^m curve, if the degree of each term in the polynomial is not strictly decreasing...
PT-2023-26580 · Omron · Cj2H Cpu Unit +2
Name of the Vulnerable Software and Affected Versions: CJ2M CPU Unit versions 2.18 and earlier CJ2H CPU Unit versions 3.04 and earlier CS/CJ Series EtherNet/IP Unit CS1W-EIP21 versions 3.04 and earlier CS/CJ Series EtherNet/IP Unit CJ1W-EIP21 versions 3.04 and earlier Description: A...
CVE-2022-25753
A vulnerability has been identified in SCALANCE X302-7 EEC 230V, SCALANCE X302-7 EEC 230V, coated, SCALANCE X302-7 EEC 24V, SCALANCE X302-7 EEC 24V, coated, SCALANCE X302-7 EEC 2x 230V, SCALANCE X302-7 EEC 2x 230V, coated, SCALANCE X302-7 EEC 2x 24V, SCALANCE X302-7 EEC 2x 24V, coated, SCALANCE...
The vulnerability of the development environment for CX-Programmers and microprogramming software of PLC Omron CJ2M and Omron CJ2H, related to the transmission of passwords in an open manner, allows attackers to intercept the passwords.
The vulnerability of the development environment CX-Programmer, which is part of the CX-One software suite designed for programming and configuring Omron PLCs, as well as Omron microcontrollers like CJ2M and CJ2H, stems from the transmission of passwords in an open manner. Exploiting this...