MiracleLinux 7 : linux-firmware-20190429-72.gitddde598.el7 (AXSA:2019-4272:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-4272:02 advisory. kernel: Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie- Hellman key exchange CVE-2018-5383 Tenable has...

EUVD-2020-7151

Malware in sbrugna...

CVE-2025-55297 ESF-IDF BluFi Example Memory Overflow Vulnerability

ESF-IDF is the Espressif Internet of Things IOT Development Framework. The BluFi example bundled in ESP-IDF was vulnerable to memory overflows in two areas: Wi-Fi credential handling and Diffie–Hellman key exchange. This vulnerability is fixed in 5.4.1, 5.3.3, 5.1.6, and 5.0.9...

CVE-2025-55297 ESF-IDF BluFi Example Memory Overflow Vulnerability

ESF-IDF is the Espressif Internet of Things IOT Development Framework. The BluFi example bundled in ESP-IDF was vulnerable to memory overflows in two areas: Wi-Fi credential handling and Diffie–Hellman key exchange. This vulnerability is fixed in 5.4.1, 5.3.3, 5.1.6, and 5.0.9...

PT-2018-3532 · Apple +6 · Ios +7

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 10.13 iOS versions prior to 11.4 Android versions prior to the 2018-06-05 patch Description: The issue is related to incorrect validation of cryptographic signatures in Bluetooth drivers for Android, macOS, and iOS...

LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks

A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange for both export and non-export grade cipher suites. An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lea...

LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks

A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange for both export and non-export grade cipher suites. An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lea...

LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks

A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange for both export and non-export grade cipher suites. An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lea...

LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks

A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange for both export and non-export grade cipher suites. An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This can lea...

Amazon Linux AMI : openssl (ALAS-2015-550) (Logjam)

LOGJAM: A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange for both export and non-export grade cipher suites. An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation. This...

nss: Do not allow p-1 as a public DH value (MFSA 2014-12)

It was found that NSS accepted weak Diffie-Hellman Key exchange DHKE parameters. This could possibly lead to weak encryption being used in communication between the client and the server...

Triple Handshake TLS Attacks Target Resumption, Renegotiation

A team of researchers has published a paper that explains a number of attacks against websites and Web-based applications running TLS. The researchers’ techniques do not exploit implementation errors, the most common attack vector against encryption securing online communication, instead focus on...