Lucene search

143 matches found

Tenable Nessus
added 2025/08/21 12:00 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2024-4603

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVP_PKEY_param_check or...

CVSS 5.3, AI score 6.7, EPSS 0.00092
Exploits: 0, References: 3
vulnersOsv
added 2025/08/07 4:42 p.m., 3 views

aioradio (=0.20.24), aisquared (>=0.2.2.dev0 <=0.2.2.dev9) +20 more potentially affected by CVE-2025-54886 via skops (>=0.10.0 <=0.11.0)

skops PYPI version =0.10.0, =0.2.2.dev0, =23.10.1, =23.8.0, =0.5.1, =1.2.15, =1.5.0, =0.4.0, =0.1.0, =1.5.0, =1.6.1 - prompt-protect =0.1.0 and more Source cves: CVE-2025-54886 Source advisory: SNYK:PYTHON-SKOPS-11509790...

CVSS 8.4, AI score 5.8, EPSS 0.01344
Exploits: 0
vulnersOsv
added 2025/08/07 4:42 p.m., 1 view

aioradio (=0.20.24), aisquared (>=0.2.2.dev0 <=0.2.2.dev9) +20 more potentially affected by CVE-2025-54886 via skops (>=0.10.0 <=0.11.0)

skops PYPI version =0.10.0, =0.2.2.dev0, =23.10.1, =23.8.0, =0.5.1, =1.2.15, =1.5.0, =0.4.0, =0.1.0, =1.5.0, =1.6.1 - prompt-protect =0.1.0 and more Source cves: CVE-2025-54886 Source advisory: OSV:GHSA-378X-6P4F-8JGM...

CVSS 8.4, AI score 5.8, EPSS 0.01344
Exploits: 0
Packet Storm News
added 2025/07/14 12:00 a.m., 2 views

DM-RSA: an Extension of RSA with Dual Modulus

We introduce DM-RSA (Dual Modulus RSA), a variant of the RSA cryptosystem that employs two distinct moduli symmetrically to enhance security. By leveraging the Chinese Remainder Theorem (CRT) for decryption, DM-RSA provides increased robustness against side-channel attacks while preserving the...

AI score 6.8
Exploits: 0
CVE
added 2025/07/08 12:48 p.m., 20 views

CVE-2025-21433

CVE-2025-21433 affects Qualcomm closed‑source components. The issue is a transient denial-of-service that occurs when importing a PKCS#8-encoded RSA private key with a zero-sized modulus. Root cause is a zero-sized modulus handling in the affected component(s); impact is Denial of Service (availa...

CVSS 6.2, AI score 6.6, EPSS 0.00064
Exploits: 0, References: 1, Affected Software: 1
Packet Storm News
added 2025/06/23 12:00 a.m., 3 views

Accurate BGV Parameters Selection: Accounting for Secret and Public Key Dependencies in Average-Case Analysis

The Brakerski-Gentry-Vaikuntanathan (BGV) scheme is one of the most significant fully homomorphic encryption (FHE) schemes. It belongs to a class of FHE schemes whose security is based on the presumed intractability of the Learning with Errors (LWE) problem and its ring variant (RLWE). Such schemes deal...

AI score 6.9
Exploits: 0
Packet Storm News
added 2025/06/11 12:00 a.m., 2 views

The Rabin Cryptosystem over Number Fields

We extend Rabin's cryptosystem to general number fields. We show that decryption of a random plaintext is as hard as the integer factorisation problem, provided the modulus in our scheme has been chosen carefully. We investigate the performance of our new cryptosystem in comparison with the...

AI score 6.9
Exploits: 0
Packet Storm News
added 2025/06/01 12:00 a.m., 2 views

A Geometric Square-Based Approach to RSA Integer Factorization

We present a new approach to RSA factorization inspired by geometric interpretations and square differences. This method reformulates the problem in terms of the distance between perfect squares and provides a recurrence relation that allows rapid convergence when the RSA modulus has closely spac...

AI score 6.9
Exploits: 0
RedhatCVE
added 2025/05/23 6:02 a.m., 2 views

CVE-2023-28431

Frontier is an Ethereum compatibility layer for Substrate. Frontier's modexp precompile uses num-bigint crate under the hood. In the implementation prior to pull request 1017, the cases for modulus being even and modulus being odd are treated separately. Odd modulus uses the fast Montgomery...

CVSS 7.5, AI score 6.7, EPSS 0.00772
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 3:51 a.m., 6 views

CVE-2023-33252

iden3 snarkjs through 0.6.11 allows double spending because there is no validation that the publicSignals length is less than the field modulus...

CVSS 7.5, AI score 6.8, EPSS 0.0013
Exploits: 0, References: 1
Packet Storm News
added 2025/05/17 12:00 a.m., 1 view

Efficient Implementations of Residue Generators Mod 2^n + 1 Providing Diminished-1 Representation

The moduli of the form 2^n + 1 belong to a class of low-cost odd moduli, which have been frequently selected to form the basis of various residue number systems (RNS). The most efficient computations modulo (mod) 2^n + 1 are performed using the so-called diminished-1 (D1) representation. Therefore, it is...

AI score 7
Exploits: 0
OSV
added 2025/03/21 1:20 p.m., 3 views

OESA-2025-1327 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVP_PKEY_param_check or...

CVSS 5.3, AI score 7, EPSS 0.00092
Exploits: 0, References: 2
OSV
added 2025/03/12 1:44 p.m., 4 views

CLSA-2025-1741787087 openssl: Fix of CVE-2023-6237

CVE-2023-6237: optimize computation time for RSA modulus to avoid possible denial of service while checking excessively long invalid RSA public keys...

CVSS 5.9, AI score 6.8, EPSS 0.00944
Exploits: 0, References: 1
RedHat Linux
added 2024/11/12 9:20 a.m., 2 views

openssl: Excessive time spent checking invalid RSA public keys

A flaw was found in OpenSSL. When the EVP_PKEY_public_check function is called on RSA public keys, a computation is done to confirm that the RSA modulus, n, is composite. For valid RSA keys, n is a product of two or more large primes and this computation completes quickly. However, if n is a large...

CVSS 5.9, AI score 7.1, EPSS 0.00944
Exploits: 0, References: 6
Positive Technologies
added 2024/10/29 12:00 a.m., 2 views

PT-2024-40264 · Gnark · Gnark

Name of the Vulnerable Software and Affected Versions: Gnark versions prior to 1.2.0 Description: The issue concerns the Gnark recursion circuit, which has constraints on arithmetic over BabyBear when the native field of the ZKP circuit is the BN254 scalar field. The problem arises from improper...

CVSS 6.9, AI score 7.2
Exploits: 0, References: 4
Positive Technologies
added 2024/10/21 12:00 a.m., 4 views

PT-2024-33729

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: A problem in the Linux kernel has been identified where a bpf program may cause a kernel crash due to a signed divide error. The issue arises when the divisor is -1, which can lead to ...

CVSS 5.5, AI score 5.6, EPSS 0.00015
Exploits: 0
Amazon
added 2024/08/15 12:00 a.m., 2 views

Medium: openssl

Issue Overview: Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVP_PKEY_param_check or EVP_PKEY_public_check to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that ar...

CVSS 9.1, AI score 7, EPSS 0.06873
Exploits: 1
Cvelist
added 2024/08/05 2:21 p.m., 15 views

CVE-2024-23357 NULL Pointer Dereference in HLOS

Transient DOS while importing a PKCS8-encoded RSA key with zero bytes modulus...

CVSS 6.2, EPSS 0.00113
Exploits: 0, References: 1
Vulnrichment
added 2024/08/05 2:21 p.m., 14 views

CVE-2024-23357 NULL Pointer Dereference in HLOS

Transient DOS while importing a PKCS8-encoded RSA key with zero bytes modulus...

CVSS 6.2, AI score 6.9, EPSS 0.00113
Exploits: 0, References: 1
Positive Technologies
added 2024/08/05 12:00 a.m., 1 view

PT-2024-19836 · Qualcomm · 215 Mobile Platform Firmware +212

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue involves a transient Denial of Service (DOS) that occurs when importing a PKCS8-encoded RSA key with a modulus containing zero bytes. Recommendations: At the moment, there is no...

CVSS 6.2, AI score 7, EPSS 0.00113
Exploits: 0, References: 3