70 matches found
CVE-2021-40528
The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's...
CVE-2021-40528
The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's...
CVE-2021-40528
The issue is a vulnerability in Libgcrypt’s ElGamal implementation prior to 1.9.4 where, during interaction between two cryptographic libraries, a specific combination of the receiver’s public-key prime and generator with the sender’s ephemeral exponents can enable plaintext recovery via a cross-...
CVE-2021-40528
The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's...
Debian DSA-4726-1 : nss - security update
Several vulnerabilities were discovered in NSS, a set of cryptographic libraries, which may result in side channel/timing attacks or denial of service. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4726. Th...
[SECURITY] [DSA 4726-1] nss security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4726-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 17, 2020 https://www.debian.org/security/faq -...
Debian DSA-4579-1 : nss - security update
Two vulnerabilities were discovered in NSS, a set of cryptographic libraries, which may result in denial of service and potentially the execution of arbitrary code. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...
[SECURITY] [DSA 4579-1] nss security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4579-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 06, 2019 https://www.debian.org/security/faq -...
Side-channel Attack
httpd is vulnerable to side-channel attack. An implementation flaw was discovered in multiple cryptographic libraries that allows a side-channel based attacker to recover ECDSA or DSA private keys. When these cryptographic libraries use the private key to create a signature, such as for a TLS or...
Intel Integrated Performance Primitives (IPP) Information Disclosure - US
Lenovo Security Advisory: LEN-25662 Potential Impact: Information disclosure Severity: Moderate Scope of Impact: Industry-wide CVE Identifier: CVE-2018-12155 Summary Description: Intel has notified Lenovo of a potential security vulnerability in Intel IPP may allow data leakage in cryptographic...
Intel Integrated Performance Primitives (IPP) Information Disclosure - Lenovo Support US
No description provided...
Information disclosure
Data leakage in cryptographic libraries for Intel IPP before 2019 update1 release may allow an authenticated user to potentially enable information disclosure via local access...
CVE-2018-12155
Data leakage in cryptographic libraries for Intel IPP before 2019 update1 release may allow an authenticated user to potentially enable information disclosure via local access...
CVE-2018-12155
CVE-2018-12155 affects Intel IPP prior to 2019 update1. Data leakage via cryptographic libraries could allow an authenticated local user to disclose information. Public documentation across multiple sources confirms: vulnerable component is Intel IPP (pre-2019 update1), and the root cause is data...
CVE-2018-12155
Data leakage in cryptographic libraries for Intel IPP before 2019 update1 release may allow an authenticated user to potentially enable information disclosure via local access...
Intel® Integrated Performance Primitives (Intel® IPP) Advisory
Summary: A potential security vulnerability in Intel® IPP may allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2018-12155 Description: Data leakage in cryptographic libraries for IntelR IPP before 2019...
node.js -- multiple vulnerabilities
Node.js reports: OpenSSL: Client DoS due to large DH parameter This fixes a potential denial of service DoS attack against client connections by a malicious server. During a TLS communication handshake, where both client and server agree to use a cipher-suite using DH or DHE Diffie-Hellman, in bo...
[ASA-201806-10] libgcrypt: private key recovery
Arch Linux Security Advisory ASA-201806-10 ========================================== Severity: High Date : 2018-06-16 CVE-ID : CVE-2018-0495 Package : libgcrypt Type : private key recovery Remote : No Link : https://security.archlinux.org/AVG-719 Summary ======= The package libgcrypt before...
Debian DSA-3872-1 : nss - security update
Several vulnerabilities were discovered in NSS, a set of cryptographic libraries, which may result in denial of service or information disclosure. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Adviso...
Debian: Security Advisory (DSA-3872-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...