EUVD-2021-7388

Malicious code in bioql PyPI...

CVE-2021-1924

Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice &...

openssl security update

3.0.1-47.0.1 - Replace upstream references Orabug: 34340177 1:3.0.1-47 - Fixed X.509 Name Constraints Read Buffer Overflow Resolves: CVE-2022-4203 - Fixed Timing Oracle in RSA Decryption Resolves: CVE-2022-4304 - Fixed Double free after calling PEMreadbioex Resolves: CVE-2022-4450 - Fixed...

K91245485: RSA-CRT key leak vulnerability CVE-2015-5738

Security Advisory Description The RSA-CRT implementation in the Cavium Software Development Kit SDK 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy PFS, makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra...

CVE-2021-1924

Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice &...

Information disclosure

Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice &...

CVE-2021-1924

CVE-2021-1924 is an information-disclosure vulnerability arising from timing and power-side channels during RSA-CRT mod exponentiation in Qualcomm/Snapdragon closed-source components (notably in Snapdragon Auto/Compute/Connectivity families). The issue is described across multiple sources, includ...

CVE-2021-1924

Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice &...

Qualcomm 多款组件加密问题漏洞

Qualcomm MDM9206 and others are products of Qualcomm Incorporated.MDM9206 is a central processing unit CPU.MDM9607 is a central processing unit CPU.MDM9640 is a central processing unit CPU.MDM9650 is a central processing unit CPU.MSM8996AU is a central processing unit CPU.QCA6574AU is a central...

The RSA-CRT implementation in the Cavium Software Development Kit (SDK) 2.x when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy (PFS) makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack.

...

CVE-2017-5681

The RSA-CRT implementation in the Intel QuickAssist Technology QAT Engine for OpenSSL versions prior to 0.5.19 may allow remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack...

CVE-2017-5681

The RSA-CRT implementation in the Intel QuickAssist Technology QAT Engine for OpenSSL versions prior to 0.5.19 may allow remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack...

Code injection

The RSA-CRT implementation in the Intel QuickAssist Technology QAT Engine for OpenSSL versions prior to 0.5.19 may allow remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack...

CVE-2017-5681

The RSA-CRT implementation in the Intel QuickAssist Technology QAT Engine for OpenSSL versions prior to 0.5.19 may allow remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack...

CVE-2017-5681

The CVE-2017-5681 entry concerns the RSA-CRT implementation in the Intel QuickAssist Technology (QAT) Engine for OpenSSL before version 0.5.19. The vulnerability enables remote attackers to potentially obtain private RSA keys via a Lenstra side-channel attack. Affected component: QAT Engine’s RSA...

Intel® QuickAssist Technology RSA-CRT Vulnerability

Summary: The RSA-CRT implementation in the Intel® QuickAssist Technology QAT Engine for OpenSSL versions prior to 0.5.19 may allow remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack. Description: The RSA-CRT implementation in the Intel® QuickAssist Technology...

The developer’s code set vulnerability in Cavium’s SDK, allowing attackers to obtain encrypted RSA keys.

The vulnerability of the RSA-CRT implementation in the developer’s toolkit for devices based on Cavium processors is related to the lack of protection for sensitive data. Exploiting this vulnerability allows a malicious actor to obtain encrypted RSA keys by launching attacks through external...

Debian DSA-3688-1 : nss - security update (Logjam) (SLOTH)

Several vulnerabilities were discovered in NSS, the cryptography library developed by the Mozilla project. - CVE-2015-4000 David Adrian et al. reported that it may be feasible to attack Diffie-Hellman-based cipher suites in certain circumstances, compromising the confidentiality and integrity of...

Debian Security Advisory DSA 3688-1 (nss - security update)

Several vulnerabilities were discovered in NSS, the cryptography library developed by the Mozilla project. CVE-2015-4000 David Adrian et al. reported that it may be feasible to attack Diffie-Hellman-based cipher suites in certain circumstances, compromising the confidentiality and integrity of da...

CVE-2015-5738

The RSA-CRT implementation in the Cavium Software Development Kit SDK 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy PFS, makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack...