Lucene search
+L

13 matches found

Tenable Nessus
Tenable Nessus
added 2025/12/03 12:0 a.m.9 views

Fedora 42 : rnp (2025-7bef956026)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-7bef956026 advisory. Version 0.18.1 Security Fixed critical issue where PKESK public-key encrypted session keys were generated as all-zero, allowing trivial decryption o...

8.7CVSS6AI score0.00274EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/12/03 12:0 a.m.8 views

Fedora 43 : rnp (2025-a96ccc98ca)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-a96ccc98ca advisory. Version 0.18.1 Security Fixed critical issue where PKESK public-key encrypted session keys were generated as all-zero, allowing trivial decryption o...

8.7CVSS6AI score0.00274EPSS
Exploits0References3
OSV
OSV
added 2025/11/27 12:39 p.m.4 views

OPENSUSE-SU-2025:20116-1 Security update for rnp

This update for rnp fixes the following issues: - update to 0.18.1: CVE-2025-13470: PKESK public-key encrypted session keys were generated as all-zero, allowing trivial decryption of messages encrypted with public keys only boo1253957, CVE-2025-13402...

8.7CVSS5.8AI score0.00274EPSS
Exploits0References3
Circl
Circl
added 2025/11/21 7:42 p.m.18 views

CVE-2025-13470

creationtimestamp| type| source ---|---|--- 2025-11-21 19:42:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m66247hppf2n...

8.7CVSS5.8AI score0.00274EPSS
Exploits0References1
OSV
OSV
added 2025/11/21 5:15 p.m.1 views

DEBIAN-CVE-2025-13470

In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public-Key Encrypted Session Key PKESK packets to be left uninitialized except for zeroing, resulting in it always being an all-zero byte array. Any data encrypted using public-key encryption in this release...

8.7CVSS5.5AI score0.00274EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2025/11/21 5:15 p.m.3 views

CVE-2025-13470

In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public-Key Encrypted Session Key PKESK packets to be left uninitialized except for zeroing, resulting in it always being an all-zero byte array. Any data encrypted using public-key encryption in this release...

8.7CVSS6AI score0.00274EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2025/11/21 5:5 p.m.3 views

CVE-2025-13470 RNP 0.18.0 Vulnerable PKESK session keys

In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public-Key Encrypted Session Key PKESK packets to be left uninitialized except for zeroing, resulting in it always being an all-zero byte array. Any data encrypted using public-key encryption in this release...

8.7CVSS6.7AI score0.00274EPSS
Exploits0References8
Circl
Circl
added 2025/01/30 7:26 a.m.10 views

CVE-2024-13470

creationtimestamp| type| source ---|---|--- 2025-01-30 07:26:06+00:00| seen| https://infosec.exchange/users/cve/statuses/113916114728274376 2025-01-30 08:15:57+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgx26d563n2r 2025-01-30 10:04:59+00:00| seen|...

6.4CVSS7.3AI score0.00297EPSS
Exploits0References4
CVE
CVE
added 2020/08/31 3:33 p.m.42 views

CVE-2020-13470

CVE-2020-13470 affects Gigadevice GD32F103 and GD32F130 microcontrollers. The root cause is physical access enabling probing of bonding wires to de-obfuscate and extract data, with potential high integrity impact and no public remediation details in the provided documents. Monitor for vendor advi...

4.6CVSS4.7AI score0.0038EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/07/09 9:0 p.m.137 views

CVE-2019-13470

CVE-2019-13470 affects MatrixSSL prior to 4.2.1. It is an out-of-bounds read during ASN.1 handling, with network-based exploitation, no authentication, and high impact to confidentiality, integrity, and availability. Remediation: upgrade to MatrixSSL 4.2.1 or apply vendor patch as available.

9.8CVSS9.3AI score0.01618EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/07/09 9:0 p.m.27 views

CVE-2019-13470

MatrixSSL before 4.2.1 has an out-of-bounds read during ASN.1 handling...

9.5AI score0.01618EPSS
Exploits0References1
NVD
NVD
added 2018/07/09 6:29 a.m.9 views

CVE-2018-13470

The mintToken function of a smart contract implementation for BuyerToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value...

7.5CVSS7.7AI score0.01094EPSS
Exploits1References2
CVE
CVE
added 2018/07/09 6:0 a.m.36 views

CVE-2018-13470

The CVE-2018-13470 entry concerns an integer overflow in the mintToken function of a BuyerToken smart contract (an Ethereum token). The vulnerability allows the contract owner to set an arbitrary user’s balance to any value, as described in multiple sources (e.g., NVD/CNVD/CVE records) and linked...

7.5CVSS7.7AI score0.01094EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder