CVE-2026-39829

CVE-2026-39829 affects golang.org/x/crypto/ssh. The vulnerability arises because the RSA/DSA public key parsers did not enforce size limits on key parameters, allowing crafted keys with oversized modulus or DSA parameters to cause prolonged CPU use during signature verification. Affected behavior...

CVE-2026-39829 Invoking pathological RSA/DSA parameters may cause DoS in golang.org/x/crypto/ssh

The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This could be triggered by unauthenticated clients during public...

PT-2026-42708

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description RSA and DSA public key parsers fail to enforce size limits on key parameters. An unauthenticated client can trigger excessive CPU consumption during signature...

CVE-2026-33488

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the createKeys function in the LoginControl plugin's PGP 2FA system generates 512-bit RSA keys, which have been publicly factorable since 1999. An attacker who obtains a target user's public key can factor the...

EUVD-2016-1649

Malware in sbrugna...

SUSE CVE-2023-6237

Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVPPKEYpubliccheck to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may...

CVE-2022-34746

An insufficient entropy vulnerability caused by the improper use of randomness sources with low entropy for RSA key pair generation was found in Zyxel GS1900 series firmware versions prior to V2.70. This vulnerability could allow an unauthenticated attacker to retrieve a private key by factoring...

Authentication flaw

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 820, and SD 820A, function cepkcs1psspaddingverifyautorecoversaltlen assumes that t...

RSA Security RSAREF 2.0 - Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/843/info A buffer overflow vulnerability exists in the RSAREF cryptographic library which may possibly make any software using the library vulnerable. The vulnerability exists in four functions in the rsa.c source file. T...