CVE-2016-1494
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2016-1494
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The verify function in the RSA package for Python (Python-RSA) before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Python-RSA 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
RSA package for Python(Python-RSA)是一个Python RSA实现,它支持加密和解密、签名和验证签名、密钥生成等。 Python-RSA 3.3之前版本中的‘verify’函数中存在安全漏洞。攻击者可借助特制的签名填充利用该漏洞使用较小的公共指数伪造签名。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2016-1494
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | Exploit of the CVE-2016-1494 allowing to forge signatures of RSA keys with low exponents | https://github.com/matthiasbe/secuimag3a | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2016-1494
Please Login to view more intelligence information
- http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175942.htmlvendor-advisoryx_refsource_FEDORA
- http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175897.htmlvendor-advisoryx_refsource_FEDORA
- https://nvd.nist.gov/vuln/detail/CVE-2016-1494
Same Patch Batch · n/a · 2016-01-13 · 28 CVEs total
| CVE-2016-0012 | Microsoft Office ASLR绕过漏洞 | |
| CVE-2016-0035 | Microsoft Office 内存损坏漏洞 | |
| CVE-2016-0034 | Microsoft Silverlight运行时远程执行代码漏洞 | |
| CVE-2016-0032 | Microsoft Exchange 欺骗漏洞 | |
| CVE-2016-0031 | Microsoft Exchange 欺骗漏洞 | |
| CVE-2016-0030 | Microsoft Exchange 欺骗漏洞 | |
| CVE-2016-0029 | Microsoft Exchange 欺骗漏洞 | |
| CVE-2016-0024 | Microsoft Chakra JavaScript脚本引擎内存损坏漏洞 | |
| CVE-2016-0020 | Microsoft Windows DLL加载特权提升漏洞 | |
| CVE-2016-0019 | Microsoft Windows远程桌面协议安全绕过漏洞 | |
| CVE-2016-0018 | Microsoft Windows DLL加载远程执行代码漏洞 | |
| CVE-2016-0016 | Microsoft Windows DLL加载远程执行代码漏洞 | |
| CVE-2016-0015 | Microsoft Windows DirectShow堆损坏远程执行代码漏洞 | |
| CVE-2016-0014 | Microsoft Windows DLL加载特权提升漏洞 | |
| CVE-2015-8466 | Swift3 安全漏洞 | |
| CVE-2016-0011 | Microsoft SharePoint安全功能绕过漏洞 | |
| CVE-2016-0010 | Microsoft Office 内存损坏漏洞 | |
| CVE-2016-0009 | Microsoft Windows Win32k 远程执行代码漏洞 | |
| CVE-2016-0008 | Microsoft Windows GDI32.dll ASLR绕过漏洞 | |
| CVE-2016-0007 | Microsoft Windows装入点特权提升漏洞 |
Showing top 20 of 28 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
V. Comments for CVE-2016-1494
No comments yet