6 matches found
Astra Linux – Vulnerability in nss
NSS has demonstrated timing differences during the execution of DSA signatures, which can be exploited and may eventually lead to the leakage of private keys. This vulnerability affects Thunderbird versions 68.9.0, Firefox versions 77, and Firefox ESR versions 68.9...
CLSA-2024-1732197150 Fix of 20 CVEs
Update to 8u432-ga fixing a number of CVEs - CVE-2024-20918: missing array range check in C1 compiler leads to out-of-bounds access - CVE-2024-20919: unverified bytecode execution because of the flaw in JVM class file verifier - CVE-2024-20921: optimization issue of loop range check in IfNode and...
AZL-51921 CVE-2022-4968 affecting package netplan for versions less than 1.0.1-1
netplan leaks the private key of wireguard to local users. Versions after 1.0 are not affected...
UBUNTU-CVE-2021-4076
A flaw exists in tang, a network-based cryptographic binding server, which could result in leak of private keys...
H2O use-after-free vulnerability
Overview H2O is an open source web server software. H2O contains a use-after-free vulnerability CWE-416 due to a flaw in the process of upgrading from HTTP/1 to HTTP/2. Kazuho Oku reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and Kazuho Oku coordinated...
UBUNTU-CVE-2015-3193
The Montgomery squaring implementation in crypto/bn/asm/x8664-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the x8664 platform, as used by the BNmodexp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote attackers to obtain sensitive private-key...