Exploit for Missing Authentication for Critical Function in Cpanel

Sorry Ransomware Analysis CVE-2026-41940 cPanel Campaign Pu...

Linux Distros Unpatched Vulnerability : CVE-2022-2274

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X8664 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA...

K20281756: Libgcrypt vulnerability CVE-2017-7526

Security Advisory Description libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately mo...

SUSE CVE-2022-2274

The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X8664 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a...

Breaking RSA with a Quantum Computer

A group of Chinese researchers have just published a paper claiming that they can--although they have not yet done so--break 2048-bit RSA. This is something to take seriously. It might not be correct, but its not obviously wrong. We have long known from Shors algorithm that factoring with a quant...

DEBIAN-CVE-2022-2274

The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X8664 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a...

ALPINE-CVE-2022-2274

The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X8664 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a...

CVE-2021-42114

Modern DRAM devices PC-DDR4, LPDDR4X are affected by a vulnerability in their internal Target Row Refresh TRR mitigation against Rowhammer attacks. Novel non-uniform Rowhammer access patterns, consisting of aggressors with different frequencies, phases, and amplitudes allow triggering bit flips o...

Privilege escalation

Modern DRAM devices PC-DDR4, LPDDR4X are affected by a vulnerability in their internal Target Row Refresh TRR mitigation against Rowhammer attacks. Novel non-uniform Rowhammer access patterns, consisting of aggressors with different frequencies, phases, and amplitudes allow triggering bit flips o...

CVE-2021-42114

CVE-2021-42114 (Blacksmith) affects modern DRAM (PC‑DDR4, LPDDR4X) where TRR mitigations can be bypassed by non‑uniform memory access patterns. ETH Zurich et al. demonstrated a fuzzer (Blacksmith) that triggered bit flips across 40 DRAM devices from major vendors (Samsung, SK Hynix, Micron), enab...

EulerOS Virtualization for ARM 64 3.0.2.0 : libgcrypt (EulerOS-SA-2020-1189)

According to the versions of the libgcrypt package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and...

Huawei EulerOS: Security Advisory for libgcrypt (EulerOS-SA-2019-2006)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : libgcrypt (EulerOS-SA-2019-2205)

According to the versions of the libgcrypt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization,...

EulerOS 2.0 SP3 : libgcrypt (EulerOS-SA-2019-2006)

According to the versions of the libgcrypt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization,...

EulerOS 2.0 SP2 : libgcrypt (EulerOS-SA-2019-1750)

According to the versions of the libgcrypt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization,...

Ryuk Hauls in $3.7M in 'Earnings,' Adds TrickBot to the Attack Mix

The Ryuk ransomware has raked in $3.7 million in bitcoin payments since it first appeared last August, researchers say – and has emerged as the calling card for a crime organization called Grim Spider a.k.a. MixMaster. It turns out that Grim Spider could share a link with other crime syndicates,...

CVE-2017-7526

libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately more computation. This...

CVE-2017-7526

libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately more computation. This...

CVE-2017-7526

GnuPG/libgcrypt: CVE-2017-7526 affects libgcrypt before 1.7.8, allowing a cache-side-channel attack that can fully recover RSA-1024 private keys (and likely RSA-2048 with more effort) when the attacker can run code on the same hardware. Connected sources confirm the vulnerability exists in libgcr...

CVE-2017-7526

libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately more computation. This...