EUVD-2023-55708

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-50981

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ModularSquareRoot in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service infinite loop via crafted DER public-key data associated...

NewStart CGSL MAIN 7.02 : cryptopp Multiple Vulnerabilities (NS-SA-2025-0115)

The remote NewStart CGSL host, running version MAIN 7.02, has cryptopp packages installed that are affected by multiple vulnerabilities: - ModularSquareRoot in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service infinite loop via crafted DER public-key data associate...

SUSE CVE-2023-50980

gf2n.cpp in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service application crash via DER public-key data for an F2^m curve, if the degree of each term in the polynomial is not strictly decreasing...

Denial Of Service (DoS)

libcryptopp.so is vulnerable to Denial Of Service DoS. The vulnerability exists in the ModularSquareRoot function due to an infinite loop caused by crafted DER public-key data with squared odd numbers, which allows an attacker to cause DoS...

Denial Of Service (DoS)

libcryptopp.so is vulnerable to Denial Of Service DoS. The vulnerability is caused when DER public key data for an F2^m curve is not strictly decreasing each polynomial term, which allows an attacker to cause an application crash...

CVE-2023-50981

ModularSquareRoot in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service infinite loop via crafted DER public-key data associated with squared odd numbers, such as the square of 268995137513890432434389773128616504853...

CVE-2023-50980

gf2n.cpp in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service application crash via DER public-key data for an F2^m curve, if the degree of each term in the polynomial is not strictly decreasing...

CVE-2023-50981

ModularSquareRoot in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service infinite loop via crafted DER public-key data associated with squared odd numbers, such as the square of 268995137513890432434389773128616504853...

Command injection

gf2n.cpp in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service application crash via DER public-key data for an F2^m curve, if the degree of each term in the polynomial is not strictly decreasing...

CVE-2023-50980

gf2n.cpp in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service application crash via DER public-key data for an F2^m curve, if the degree of each term in the polynomial is not strictly decreasing...

CVE-2023-50981

ModularSquareRoot in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service infinite loop via crafted DER public-key data associated with squared odd numbers, such as the square of 268995137513890432434389773128616504853...

CVE-2023-50980

gf2n.cpp in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service application crash via DER public-key data for an F2^m curve, if the degree of each term in the polynomial is not strictly decreasing...

SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Access Validation / Input Validation

source: https://www.securityfocus.com/bid/26788/info The G/PGP encryption plugin for SquirrelMail is prone to an input-validation vulnerability and an access-validation vulnerability. Attackers can exploit these issues to inject arbitrary script code into public key data or to delete and overwrit...

SquirrelMail GPGP Encryption Plugin 2.02.1 - Access Validation Input Validation

SquirrelMail GPGP Encryption Plugin 2.02.1 - Access Validation Input Validation source: https://www.securityfocus.com/bid/26788/info The G/PGP encryption plugin for SquirrelMail is prone to an input-validation vulnerability and an access-validation vulnerability. Attackers can exploit these issue...