CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2020-29505
https://notcve.org/view.php?id=CVE-2020-29505
11 Jul 2022 — Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain a Key Management Error Vulnerability. Dell BSAFE Crypto-C Micro Edition, versiones anteriores a la 4.1.5, y Dell BSAFE Micro Edition Suite, versiones anteriores a la 4.5.2, contienen una vulnerabilidad de error en la gestión de claves • https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities • CWE-331: Insufficient Entropy •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2019-3733
https://notcve.org/view.php?id=CVE-2019-3733
30 Sep 2019 — RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vulnerable to three (3) different Improper Clearing of Heap Memory Before Release vulnerability, also known as 'Heap Inspection vulnerability'. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure. RSA BSAFE Crypto-C Micro Edition, todas las versiones anteriores a 4.1.4, es susceptible a tres (3) vulnerabilidades diferentes de Borrado Inapropiado de la Memoria de la Pila ... • https://www.dell.com/support/kbdoc/000194054 • CWE-316: Cleartext Storage of Sensitive Information in Memory CWE-459: Incomplete Cleanup •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2019-3732
https://notcve.org/view.php?id=CVE-2019-3732
30 Sep 2019 — RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x) are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure. RSA BSAFE Crypto-C Micro Edition, versiones anteriores ... • https://www.dell.com/support/kbdoc/000194054 • CWE-203: Observable Discrepancy CWE-385: Covert Timing Channel •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-3731
https://notcve.org/view.php?id=CVE-2019-3731
30 Sep 2019 — RSA BSAFE Crypto-C Micro Edition versions prior to 4.1.4 and RSA Micro Edition Suite versions prior to 4.4 are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure. RSA BSAFE Crypto-C Micro Edition versiones anteriores a 4.1.4 y RSA Micro Edition Suite versiones anteriores a 4.4, son vulnerables a una Exposición de Información por Discrepancia de Sincronización. Un usuari... • https://www.dell.com/support/kbdoc/000194054 • CWE-203: Observable Discrepancy CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2019-3728
https://notcve.org/view.php?id=CVE-2019-3728
30 Sep 2019 — RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.4 (in 4.0.x) and 4.1.4 (in 4.1.x) and RSA BSAFE Micro Edition Suite versions prior to 4.0.13 (in 4.0.x) and prior to 4.4 (in 4.1.x, 4.2.x, 4.3.x) are vulnerable to a Buffer Over-read vulnerability when processing DSA signature. A malicious remote user could potentially exploit this vulnerability to cause a crash in the library of the affected system. RSA BSAFE Crypto-C Micro Edition versiones anteriores a 4.0.5.4 (en versiones 4.0.x) y 4.1.4 (en versi... • https://www.dell.com/support/kbdoc/000194054 • CWE-125: Out-of-bounds Read •
CVSS: 5.9EPSS: 0%CPEs: 7EXPL: 0CVE-2016-0887 – RSA BSAFE Lenstra's Attack
https://notcve.org/view.php?id=CVE-2016-0887
11 Apr 2016 — EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x and 4.1.x before 4.1.5, RSA BSAFE Crypto-C Micro Edition (CCME) 4.0.x and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6.2.1, RSA BSAFE SSL-J before 6.2.1, and RSA BSAFE SSL-C before 2.8.9 allow remote attackers to discover a private-key prime by conducting a Lenstra side-channel attack that leverages an application's failure to detect an RSA signature failure during a TLS session. EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x y 4.1.x en versiones anteriores a ... • http://packetstormsecurity.com/files/136656/RSA-BSAFE-Lenstras-Attack.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2007-6755
https://notcve.org/view.php?id=CVE-2007-6755
11 Oct 2013 — The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead t... • http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •