CVE-2025-62514

Parsec’s 3.x web component libparsec_crypto (RustCrypto backend) does not verify weak order points for Curve25519 in versions before 3.6.0. An attacker in a MITM could supply weak order points to both parties during Diffie-Hellman, increasing the chance that both ends derive the same shared key a...

PT-2016-7536 · Mozilla +4 · Nss +4

Name of the Vulnerable Software and Affected Versions: NSS versions 3.21.x Description: A flaw was found in the Diffie Hellman Client key exchange handling, making it vulnerable to a small subgroup confinement attack. This allows an attacker to recover private keys by confining the client DH key ...

Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2013-156)

Multiple improper permission check issues were discovered in the AWT, CORBA, JMX, Libraries, and Beans components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. CVE-2013-0442 , CVE-2013-0445 , CVE-2013-0441 , CVE-2013-1475 ,...

Important: Red Hat Security Advisory: java-1.6.0-openjdk security update

Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...