37 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-2597
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypt::SysRandom::XS versions before 0.010 for Perl is vulnerable to a heap buffer overflow in the XS function randombytes. The function does not validate that...
EUVD-2015-2251
Malware in sbrugna...
Malicious code in libcrypt-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 986987a3ac2062033ac84907b4be4febb72b7c5e89c511e691bbac561f7045b9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in libcrypt (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 65114ab78e2e9c6bdb0302cf5091d6177a082c11eb4dda08a2aff13d5a0a9c18 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-339 Malicious code in libcrypt-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 77d47557d62a40299969d264aae617c455ddf31a8ac1bcfac975dc3e27e72d94 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in libcrypt-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 77d47557d62a40299969d264aae617c455ddf31a8ac1bcfac975dc3e27e72d94 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-338 Malicious code in libcrypt (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 65114ab78e2e9c6bdb0302cf5091d6177a082c11eb4dda08a2aff13d5a0a9c18 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-340 Malicious code in libcrypt-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 986987a3ac2062033ac84907b4be4febb72b7c5e89c511e691bbac561f7045b9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in libcrypt (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-5310 Malicious code in libcrypt (PyPI)
--- -= Per source details. Do not edit below this line.=-...
CVE-2024-2467
A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The...
SUSE CVE-2015-2141
The InvertibleRWFunction::CalculateInverse function in rw.cpp in libcrypt++ 5.6.2 does not properly blind private key operations for the Rabin-Williams digital signature algorithm, which allows remote attackers to obtain private keys via a timing attack...
Security Bulletin: Vulnerability in Libcrypt++ affects PowerKVM (CVE-2015-2141)
Summary PowerKVM is affected by a vulnerability in libcrypt++. This vulnerability is now fixed. Vulnerability Details CVEID: CVE-2015-2141 DESCRIPTION: libcrypt++ could allow a remote attacker to obtain sensitive information, caused by weak Rabin-Williams digital signature algorithm in...
Libcrypt++ Private Key Disclosure Vulnerability
libcrypt is an ANSI C encryption library. A private key disclosure vulnerability exists in libcrypt++, which allows remote attackers to obtain a private key via a timing attack...
CVE-2015-2141
The InvertibleRWFunction::CalculateInverse function in rw.cpp in libcrypt++ 5.6.2 does not properly blind private key operations for the Rabin-Williams digital signature algorithm, which allows remote attackers to obtain private keys via a timing attack...
Code injection
The InvertibleRWFunction::CalculateInverse function in rw.cpp in libcrypt++ 5.6.2 does not properly blind private key operations for the Rabin-Williams digital signature algorithm, which allows remote attackers to obtain private keys via a timing attack...
CVE-2015-2141
The InvertibleRWFunction::CalculateInverse function in rw.cpp in libcrypt++ 5.6.2 does not properly blind private key operations for the Rabin-Williams digital signature algorithm, which allows remote attackers to obtain private keys via a timing attack...
CVE-2015-2141
The InvertibleRWFunction::CalculateInverse function in rw.cpp in libcrypt++ 5.6.2 does not properly blind private key operations for the Rabin-Williams digital signature algorithm, which allows remote attackers to obtain private keys via a timing attack...
CVE-2015-2141
libcrypt++ 5.6.2 contains a timing-attack vulnerability in InvertibleRWFunction::CalculateInverse used with Rabin–Williams signatures, enabling remote extraction of private keys. Affected component is the private-key blinding during Rabin–Williams operations; impact is private-key disclosure unde...
CVE-2015-2141
The InvertibleRWFunction::CalculateInverse function in rw.cpp in libcrypt++ 5.6.2 does not properly blind private key operations for the Rabin-Williams digital signature algorithm, which allows remote attackers to obtain private keys via a timing attack...