SUSE CVE-2026-33936

The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Prior to version 0.19.2, an issue in the low-level D...

MiracleLinux 4 : openssl-1.0.0-20.AXS4.4, openssl098e-0.9.8e-17.AXS4.2 (AXSA:2012-535:05)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-535:05 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which...

CVE-2025-58185

Parsing a maliciously crafted DER payload could allocate large amounts of memory, causing memory exhaustion...

openSUSE Security Advisory (SUSE-SU-2024:0157-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:0157-1 Security update for libcryptopp

This update for libcryptopp fixes the following issues: - CVE-2023-50981: Fixed a potential denial of service issue via crafted DER public key data bsc1218222...

Denial Of Service (DoS)

libcryptopp.so is vulnerable to Denial Of Service DoS. The vulnerability exists in the ModularSquareRoot function due to an infinite loop caused by crafted DER public-key data with squared odd numbers, which allows an attacker to cause DoS...

CVE-2023-50981

ModularSquareRoot in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service infinite loop via crafted DER public-key data associated with squared odd numbers, such as the square of 268995137513890432434389773128616504853...

CVE-2023-50981

ModularSquareRoot in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service infinite loop via crafted DER public-key data associated with squared odd numbers, such as the square of 268995137513890432434389773128616504853...

SUSE CVE-2019-17362

In LibTomCrypt through 1.18.2, the derdecodeutf8string function in derdecodeutf8string.c does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service out-of-bounds read and crash or read information from other memory locations via...

Security update for libtomcrypt (moderate)

openSUSE Security Update: Security update for libtomcrypt Announcement ID: openSUSE-SU-2019:2514-1 Rating: moderate References: 1153433 Cross-References: CVE-2019-17362 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...

Security update for libtomcrypt (moderate)

openSUSE Security Update: Security update for libtomcrypt Announcement ID: openSUSE-SU-2019:2454-1 Rating: moderate References: 1153433 Cross-References: CVE-2019-17362 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for...

LibTomCrypt Memory Corruption Vulnerability

LibTomCrypt is a fairly comprehensive modular portable encryption toolkit. LibTomCrypt 1.18.2 and earlier versions suffer from a memory corruption vulnerability that stems from the derdecodeutf8string function in derdecodeutf8string.c failing to correctly detect certain invalid UTF-8 sequences,...

CVE-2019-15651

wolfSSL 4.1.0 has a one-byte heap-based buffer over-read in DecodeCertExtensions in wolfcrypt/src/asn.c because reading the ASNBOOLEAN byte is mishandled for a crafted DER certificate in GetLengthex...

openssl: asn1_d2i_read_bio integer errors leading to buffer overflow

The asn1d2ireadbio function in crypto/asn1/ad2ifp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service memory corruption or possibly have...

openssl: asn1_d2i_read_bio integer errors leading to buffer overflow

The asn1d2ireadbio function in crypto/asn1/ad2ifp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service memory corruption or possibly have...

CVE-2012-2110

The asn1d2ireadbio function in crypto/asn1/ad2ifp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service memory corruption or possibly have...

OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to cause a denial of service memory consumption via crafted DER encoded data, which is not...

CVE-2009-3876

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to cause a denial of service memory consumption via crafted DER encoded data, which is not...

CVE-2009-3876

Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to cause a denial of service memory consumption via crafted DER encoded data, which is not...

CVE-2009-3876

CVE-2009-3876 affects Sun Java SE/JRE/JDK components. The vulnerability stems from the ASN.1 DER input stream parser failing to properly decode crafted DER-encoded data, allowing remote attackers to cause a denial of service via memory consumption. Affected products include Sun JRE/JDK 5.0 before...