Astra Linux - уязвимость в libgcrypt20

The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's...

[SECURITY] Fedora 43 Update: openssl-3.5.4-3.fc43

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...

[SECURITY] Fedora 43 Update: openssl-3.5.4-2.fc43

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...

[SECURITY] Fedora 42 Update: openssl-3.2.6-3.fc42

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...

Breaking ECDSA with Electromagnetic Side-Channel Attacks: Challenges and Practicality on Modern Smartphones

Smartphones handle sensitive tasks such as messaging and payment and may soon support critical electronic identification through initiatives such as the European Digital Identity EUDI wallet, currently under development. Yet the susceptibility of modern smartphones to physical side-channel analys...

[SECURITY] Fedora 43 Update: openssl-3.5.4-1.fc43

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...

Exploit for CVE-2025-6202

This article examines the systemic cryptographic security threat...

EUVD-2018-4133

Malware in sbrugna...

EUVD-2021-27703

Malicious code in bioql PyPI...

Alibaba Cloud Linux 3 : 0129: libgcrypt (ALINUX3-SA-2022:0129)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0129 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-40528: The ElGamal implementation in...

New "GoFetch" Vulnerability in Apple M-Series Chips Leaks Secret Encryption Keys

A new security shortcoming discovered in Apple M-series chips could be exploited to extract secret keys used during cryptographic operations. Dubbed GoFetch, the vulnerability relates to a microarchitectural side-channel attack that takes advantage of a feature known as data memory-dependent...

EulerOS Virtualization 3.0.2.2 : libgcrypt (EulerOS-SA-2023-1266)

According to the versions of the libgcrypt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a...

Security Bulletin: IBM MQ and IBM WebSphere MQ are affected by Side channel attacks on modular exponentiation (CVE-2016-0702)

Summary IBM MQ and WebSphere MQ have addressed CVE-2016-0702 The GSKit cryptographic libraries supplied with MQ are impacted by the same issue described in the OpenSSL disclosure. Vulnerability Details CVEID: CVE-2016-0702 DESCRIPTION: OpenSSL could allow a local attacker to obtain sensitive...

Oracle Linux 8 : libgcrypt (ELSA-2022-9564)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9564 advisory. 1.8.5-7fips - Add API to provide hash calculation in RSA/DSA/ECDSA signature operations Orabug: 33081130 - Change Epoch from 1 to 10 1.8.5-7 - Fix CVE-2021-3356...

Oracle Linux 8 : libgcrypt (ELSA-2022-5311)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-5311 advisory. 1.8.5-7 - Fix CVE-2021-33560 2018525 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus ha...

GHSA-XX36-6RV4-GJ8R ecdsa-elixir fails to check signatures, vulnerable to message forging

Summary Stark Bank is a financial technology company that provides services to simplify and automate digital banking, by providing APIs to perform operations such as payments and transfers. In addition, Stark Bank maintains a number of cryptographic libraries to perform cryptographic signing and...

ecdsa-elixir fails to check signatures, vulnerable to message forging

Summary Stark Bank is a financial technology company that provides services to simplify and automate digital banking, by providing APIs to perform operations such as payments and transfers. In addition, Stark Bank maintains a number of cryptographic libraries to perform cryptographic signing and...

EulerOS Virtualization 2.10.0 : libgcrypt (EulerOS-SA-2022-1404)

According to the versions of the libgcrypt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two...

EulerOS Virtualization 2.10.1 : libgcrypt (EulerOS-SA-2022-1378)

According to the versions of the libgcrypt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two...

Huawei EulerOS: Security Advisory for libgcrypt (EulerOS-SA-2022-1378)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...