21 matches found
Security Bulletin: Vulnerability in IBM's Common Cryptographic Architecture (CCA) (CVE-2025-13375)
Summary IBM Common Cryptographic Architecture CCA is used to interface with the IBM Hardware Security Module HSM. A security vulnerability exists that has a high confidentiality, integrity and availability impact on card and consuming applications. Vulnerability Details CVEID:CVE-2025-13375...
EUVD-2023-38005
Malicious code in bioql PyPI...
EUVD-2024-54203
Malicious code in bioql PyPI...
EUVD-2022-27569
Malicious code in bioql PyPI...
CVE-2024-49823
IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an authenticated user to cause a denial of service in the Hardware Security Module HSM using a specially crafted sequence of valid requests...
CVE-2024-22340
IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow a remote attacker to obtain sensitive information during the creation of ECDSA signatures to perform a timing-based attack...
CVE-2024-22340 IBM Common Cryptographic Architecture information disclosure
IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow a remote attacker to obtain sensitive information during the creation of ECDSA signatures to perform a timing-based attack...
CVE-2024-22340
The CVE-2024-22340 entry affects IBM Common Cryptographic Architecture (CCA) versions 7.0.0–7.5.51 for the 4769 family (MTM for 4769) across IBM AIX, IBM i, IBM PowerLinux, and Linux x86. The vulnerability could allow a remote attacker to obtain sensitive information during ECDSA signature creati...
CVE-2024-22340 IBM Common Cryptographic Architecture information disclosure
IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow a remote attacker to obtain sensitive information during the creation of ECDSA signatures to perform a timing-based attack...
CVE-2024-41760 IBM Common Cryptographic Architecture information disclosure
IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an attacker to obtain sensitive information due to a timing attack during certain RSA operations...
CVE-2024-41760 IBM Common Cryptographic Architecture information disclosure
IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an attacker to obtain sensitive information due to a timing attack during certain RSA operations...
CVE-2024-49823 IBM Common Cryptographic Architecture denial of service
IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an authenticated user to cause a denial of service in the Hardware Security Module HSM using a specially crafted sequence of valid requests...
CVE-2024-49823 IBM Common Cryptographic Architecture denial of service
IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an authenticated user to cause a denial of service in the Hardware Security Module HSM using a specially crafted sequence of valid requests...
CVE-2024-49823
IBM Common Cryptographic Architecture (CCA) vulnerability CVE-2024-49823 affects CCA versions 7.0.0–7.5.51. An authenticated user could cause a denial of service in the IBM Hardware Security Module (HSM) by sending a specially crafted sequence of valid requests. The bulletin lists CWE-787 (Out-of...
CVE-2023-47150
IBM Common Cryptographic Architecture CCA 7.0.0 through 7.5.36 could allow a remote user to cause a denial of service due to incorrect data handling for certain types of AES operations. IBM X-Force ID: 270602...
CVE-2023-33855
CVE-2023-33855 affects IBM Common Cryptographic Architecture (CCA) used with the IBM 4769 Developer’s Toolkit. Affected versions are CCA 7.0.0 through 7.5.36, where RSA operations may exhibit non-constant-time behavior under certain conditions, potentially allowing a remote attacker to obtain sen...
CVE-2023-47150 IBM Common Cryptographic Architecture denial of service
IBM Common Cryptographic Architecture CCA 7.0.0 through 7.5.36 could allow a remote user to cause a denial of service due to incorrect data handling for certain types of AES operations. IBM X-Force ID: 270602...
Input validation
IBM Common Cryptographic Architecture CCA 5.x MTM for 4767 and CCA 7.x MTM for 4769 could allow a local user to cause a denial of service due to improper input validation. IBM X-Force ID: 223596...
CVE-2022-22423
IBM Common Cryptographic Architecture CCA 5.x MTM for 4767 and CCA 7.x MTM for 4769 could allow a local user to cause a denial of service due to improper input validation. IBM X-Force ID: 223596...
PT-2022-15422 · Ibm · Ibm Common Cryptographic Architecture
Name of the Vulnerable Software and Affected Versions: IBM Common Cryptographic Architecture CCA versions 5.x through 7.x Description: The issue is related to improper input validation, which could allow a local user to cause a denial of service. Recommendations: For versions 5.x through 7.x,...