768 matches found
DEBIAN-CVE-2021-3580
A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service...
CVE-2021-3580
A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service...
Denial of service
A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service...
CVE-2021-3580
A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service...
CVE-2021-26099
Missing cryptographic steps in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an attacker who comes in possession of the encrypted master keys to compromise their confidentiality by observing a few invariant properties of the ciphertext...
CVE-2021-26099
Missing cryptographic steps in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an attacker who comes in possession of the encrypted master keys to compromise their confidentiality by observing a few invariant properties of the ciphertext...
CVE-2021-26099
Missing cryptographic steps in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an attacker who comes in possession of the encrypted master keys to compromise their confidentiality by observing a few invariant properties of the ciphertext...
Fortinet FortiMail 安全漏洞
Fortinet FortiMail is a set of e-mail security gateway products of the U.S. Fita Fortinet. The product provides email security and data protection features. A security vulnerability exists in FortiMail prior to 7.0.0, which stems from the lack of an encryption step in the Identity-Based Encryptio...
CVE-2021-3580
A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service...
UBUNTU-CVE-2021-3580
A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service...
SUSE: Security Advisory (SUSE-SU-2012:0479-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
python-cryptography: Bleichenbacher timing oracle attack against RSA decryption
A flaw was found in python-cryptography, where it is vulnerable to Bleichenbacher timing attacks. This flaw allows an attacker, via the RSA decryption API, to decrypt parts of the ciphertext encrypted with RSA. The highest threat from this vulnerability is to confidentiality...
PT-2021-5781 · Nettle +9 · Nettle +9
Name of the Vulnerable Software and Affected Versions: Nettle affected versions not specified Description: A flaw was found in the way Nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application...
Cisco Firepower Threat Defense 1000 Series Bleichenbacher Attack (cisco-sa-asaftd-tls-bb-2g9uWkP)
According to its self-reported version, the TLS handler of Cisco Firepower Threat Defense FTD Software for Cisco Firepower 1000 Series firewalls is affected by the Bleichenbacher attack vulnerability due to improper implementation of countermeasures against the Bleichenbacher attack for cipher...
Cisco Adaptive Security Appliance Software Bleichenbacher Attack (cisco-sa-asaftd-tls-bb-2g9uWkP)
According to its self-reported version, the TLS handler of Cisco Adaptive Security Appliance ASA Software for Cisco Firepower 1000 is affected by the Bleichenbacher attack vulnerability due to improper implementation of countermeasures against the Bleichenbacher attack for cipher suites that rely...
Huawei EulerOS: Security Advisory for python-crypto (EulerOS-SA-2021-1836)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : python-crypto (EulerOS-SA-2021-1836)
According to the version of the python-crypto package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive...
GHSA-94HH-PJJG-RWMR Padding Oracle Attack due to Observable Timing Discrepancy in jose-browser-runtime
Impact AESCBCHMACSHA2 Algorithm A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 decryption would always execute both HMAC tag verification and CBC decryption, if either failed JWEDecryptionFailed would be thrown. But a possibly observable difference in timing when padding error would occur while...
Padding Oracle Attack
jose is vulnerable to padding oracle attack. A possible observable difference in timing when padding error occurs while decrypting the ciphertext allows an attacker to obtain the plaintext data without knowledge of the decryption key...
Unspecified vulnerability in npm jose
npm jose is an application from the U.S. company npm. Use native encryption runtime does not depend on the item JWA, JWS, JWE, JWT, JWK. A security vulnerability exists in npm jose that stems from a possible timing difference when a padding error occurs while decrypting a ciphertext. No detailed...