12 matches found
CVE-2026-33891
Forge also called node-forge is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, a Denial of Service DoS vulnerability exists in the node-forge library due to an infinite loop in the BigInteger.modInverse function inherited from the bundled jsbn library...
CVE-2026-33891
CVE-2026-33891 affects Forge/node-forge prior to 1.4.0, where BigInteger.modInverse() can enter an infinite loop when given zero, causing a DoS with 100% CPU. The issue is resolved in 1.4.0. Related OSV entries confirm patches in downstream packages (e.g., Root’s @rootio/node-forge) with multiple...
CVE-2024-45678
Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack that requires physical access and expensive equipment in which an electromagnetic side channel is present because of a non-constant-time modular...
PT-2024-31724
Name of the Vulnerable Software and Affected Versions: Yubico YubiKey 5 Series devices with firmware before 5.7.0 YubiHSM 2 devices with firmware before 2.4.0 Description: The issue allows an ECDSA secret-key extraction attack that requires physical access and expensive equipment. This attack is...
Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2021-1931)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : nss (EulerOS-SA-2021-1952)
According to the version of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly...
EulerOS 2.0 SP9 : nss (EulerOS-SA-2021-1931)
According to the version of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly...
Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2021-1744)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-12402
During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secr...
Design/Logic Flaw
During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secr...
CVE-2020-12402
During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secr...
Security Vulnerabilities fixed in Firefox 78 — Mozilla
When %2F was present in a manifest URL, Firefox's AppCache behavior may have become confused and allowed a manifest to be served from a subdirectory. This could cause the appcache to be used to service requests for the top level directory. A VideoStreamEncoder may have been freed in a race...