Lucene search
K

7 matches found

nvd
nvd
added 2026/06/25 8:17 p.m.7 views

CVE-2026-12340

Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Identifier computation reads the trailing 65 bytes of the public key without checking that the key is at least that long. A public key shorter than 65...

7.5CVSS0.00226EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/06/25 7:36 p.m.6 views

CVE-2026-12340

Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Identifier computation reads the trailing 65 bytes of the public key without checking that the key is at least that long. A public key shorter than 65...

6.3CVSS5.8AI score0.00226EPSS
Exploits0References3Affected Software1
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.13 views

PT-2026-52564

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An out-of-bounds heap read occurs during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key...

7.5CVSS5.7AI score0.00226EPSS
Exploits0References6
nessus
nessus
added 2026/06/08 12:0 a.m.13 views

Amazon Linux 2023 : containerd, containerd-stress (ALAS2023-2026-1784)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1784 advisory. An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected...

10CVSS7AI score0.00533EPSS
Exploits0References28
osv
osv
added 2020/10/29 4:15 a.m.5 views

CVE-2020-11488

NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which software does not validate the RSA 1024 public key used to verify the firmware signature, which may lead t...

6.7CVSS5.9AI score0.00243EPSS
Exploits0References1
qualysblog
qualysblog
added 2018/10/10 3:0 p.m.141 views

PCI & QID 38598 “Deprecated Public Key Length”

QID 38598 “Deprecated Public Key Length” will be marked as PCI Fail as of November 1, 2018 in accordance with its CVSS score. Under PCI DSS merchants and financial institutions are required to protect their clients' sensitive data with strong cryptography. Strong cryptography is defined in the...

2AI score
Exploits0
redhat
redhat
added 2009/01/13 9:39 p.m.7 views

OpenJDK RSA public key length denial-of-service (6497740)

Unspecified vulnerability in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows remote attackers to cause a denial of service CPU consumption via a crafted RSA public key...

7.1CVSS7.3AI score0.03993EPSS
Exploits1References4
Rows per page
Query Builder