jsrsasign: Incomplete Comparison Allows DSA Private Key Recovery via Biased Nonce Generation

Versions of the package jsrsasign from 7.0.0 and before 11.1.1 are vulnerable to Incomplete Comparison with Missing Factors via the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions in src/crypto-1.1.js; an attacker can recover the private key by exploiting the incorrect...

CVE-2026-4599

Versions of the package jsrsasign from 7.0.0 and before 11.1.1 are vulnerable to Incomplete Comparison with Missing Factors via the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions in src/crypto-1.1.js; an attacker can recover the private key by exploiting the incorrect...

Incomplete Comparison with Missing Factors

Overview jsrsasign is a free pure JavaScript cryptographic library. Affected versions of this package are vulnerable to Incomplete Comparison with Missing Factors via the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions in src/crypto-1.1.js; an attacker can recover the priva...

Incomplete Comparison with Missing Factors

Overview Affected versions of this package are vulnerable to Incomplete Comparison with Missing Factors in the cryptocoreed25519isvalidpoint function when handling certain custom cryptography or untrusted data. An attacker can bypass intended cryptographic group membership checks by supplying...

CVE-2025-55333

Incomplete comparison with missing factors in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...

EUVD-2025-34422

Incomplete comparison with missing factors in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...

CVE-2025-55333

Incomplete comparison with missing factors in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...

PT-2025-42018

Name of the Vulnerable Software and Affected Versions Windows BitLocker affected versions not specified Description An incomplete comparison with missing factors in Windows BitLocker allows an unauthorized attacker to bypass a security feature through a physical attack. Recommendations At the...

CVE-2021-23146

An Incomplete Comparison with Missing Factors vulnerability in the Gallagher Controller allows an attacker to bypass PIV verification. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 MR3; 8.30 versions prior to 8.30.1359 MR3; 8.20 versions prior to 8.20.1259 MR5; 8.1...

CVE-2021-23146

The CVE-2021-23146 entry concerns an Incomplete Comparison with Missing Factors vulnerability in Gallagher Command Centre (Gallagher Controller). Affected software: Gallagher Command Centre versions prior to 8.40.1888 (MR3); prior to 8.30.1454 (MR3); prior to 8.20.1291 (MR5); prior to 8.10.1284 (...