Lucene search
K

44 matches found

OSV
OSV
added 2026/06/19 1:41 p.m.7 views

SUSE-SU-2026:2472-1 Security update for apache-sshd, jpgpj

This update for apache-sshd, jpgpj fixes the following issues - CVE-2020-36843: no check performed on scalar to avoid signature malleability bsc1239551. - CVE-2026-48827: Apache MINA SSHD: Path traversal in org.apache.sshd: sshd-git bsc1267018. Changes for jpgpj: - Initial packaging with v1.3...

7.1CVSS5.8AI score0.00527EPSS
Exploits0References5
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/03 12:0 a.m.12 views

apache-sshd-2.18.0-1.1 on GA media (moderate)

apache-sshd-2.18.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10919-1 Rating: moderate Cross-References: CVE-2020-36843 CVE-2026-48827 CVSS scores: CVE-2020-36843 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2020-36843 SUSE : 8.7...

8.7CVSS6.5AI score0.00527EPSS
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2023-36843

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00332EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/30 3:44 p.m.5 views

Security Bulletin: IBM App Connect Enterprise Toolkit is vulnerable to Improper Verification of Cryptographic Signature due to EdDSA (CVE-2020-36843)

Summary IBM App Connect Enterprise Toolkit is vulnerable to Improper Verification of Cryptographic Signature due to EdDSA. Vulnerability Details CVEID:CVE-2020-36843 DESCRIPTION: The implementation of EdDSA in EdDSA-Java aka ed25519-java through 0.3.0 exhibits signature malleability and does not...

4.3CVSS6.5AI score0.00133EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/15 4:8 p.m.6 views

Security Bulletin: IBM Datapower Operations Dashboard could allow attackers to create new valid signatures different from previous signatures for a known message CVE-2020-36843

Summary EdDSA is used by the IBM Datapower Operations Dashboard for its cryptographic implementation Vulnerability Details CVEID:CVE-2020-36843 DESCRIPTION: The implementation of EdDSA in EdDSA-Java aka ed25519-java through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA...

4.3CVSS6.6AI score0.00133EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-36843 Malicious code in threw2 (npm)

The package threw2 was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 11:9 p.m.3 views

CVE-2022-36843

A heap-based overflow vulnerability in MHWRECOGLIBINFO function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault...

7.8CVSS7AI score0.00101EPSS
Exploits0References1
OSV
OSV
added 2025/03/29 6:22 a.m.7 views

OESA-2025-1334 ed25519-java security update

This is an implementation of EdDSA in Java. Structurally, it is based on the ref10 implementation in SUPERCOP see http://ed25519.cr.yp.to/software.html. There are two internal implementations: A port of the radix-2^51 operations in ref10 - fast and constant-time, but only useful for Ed25519. A...

4.3CVSS6.8AI score0.00133EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/03/28 12:0 a.m.11 views

openSUSE Security Advisory (SUSE-SU-2025:1029-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.4AI score0.00133EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2025/03/28 12:0 a.m.5 views

SUSE: Security Advisory (SUSE-SU-2025:1029-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.4AI score0.00133EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/27 12:0 a.m.9 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ed25519-java (SUSE-SU-2025:1029-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1029-1 advisory. - CVE-2020-36843: Fixed no check performed on scalar to avoid signature malleability bsc1239551 Tenable h...

4.3CVSS6AI score0.00133EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/03/26 1:11 p.m.2 views

Security update for ed25519-java

This update for ed25519-java fixes the following issues: CVE-2020-36843: Fixed no check performed on scalar to avoid signature malleability bsc1239551 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

8.7CVSS5AI score0.00133EPSS
Exploits0References4
OSV
OSV
added 2025/03/26 1:11 p.m.8 views

SUSE-SU-2025:1029-1 Security update for ed25519-java

This update for ed25519-java fixes the following issues: - CVE-2020-36843: Fixed no check performed on scalar to avoid signature malleability bsc1239551...

4.3CVSS7.1AI score0.00133EPSS
Exploits0References3
Wolfi
Wolfi
added 2025/03/20 4:43 a.m.21 views

CVE-2020-36843 vulnerabilities

Vulnerabilities for packages: jenkins, thingsboard...

4.3CVSS6.3AI score0.00133EPSS
Exploits0
Chainguard
Chainguard
added 2025/03/20 4:12 a.m.25 views

CVE-2020-36843 vulnerabilities

Vulnerabilities for packages: jenkins, gradle, thingsboard...

4.3CVSS6.3AI score0.00133EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/19 12:0 a.m.35 views

Jenkins plugins Multiple Vulnerabilities (2025-03-19)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - The implementation of EdDSA in EdDSA-Java aka ed25519-java through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA...

6.5CVSS6.1AI score0.00274EPSS
Exploits0References4
OPENSUSE Linux
OPENSUSE Linux
added 2025/03/16 12:0 a.m.5 views

ed25519-java-0.3.0-6.1 on GA media (moderate)

ed25519-java-0.3.0-6.1 on GA media Announcement ID: openSUSE-SU-2025:14892-1 Rating: moderate Cross-References: CVE-2020-36843 CVSS scores: CVE-2020-36843 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2020-36843 SUSE : 8.7...

8.7CVSS5.2AI score0.00133EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/03/13 6:30 a.m.7 views

com.peersafe:chainsql (>=1.0 <=3.0.4), net.i2p.android:client (>=0.9.27 <=0.9.33) +4 more potentially affected by CVE-2020-36843 via net.i2p:i2p (>=0.9.26 <=0.9.38)

net.i2p:i2p MAVEN version =0.9.26, =1.0, =0.9.27, =0.9.26, =0.9.26, =0.9.27, =0.9.30, =0.9.38 Source cves: CVE-2020-36843 Source advisory: OSV:GHSA-P53J-G8PW-4W5F...

4.3CVSS6.4AI score0.00133EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/03/13 6:30 a.m.10 views

ai.superstream:kafka-clients (>=3.0.1 <=3.6.1-alpha1), ai.superstream:spring-kafka (>=2.8.4-alpha1 <=3.0.1-alpha1) +1831 more potentially affected by CVE-2020-36843 via net.i2p.crypto:eddsa (>=0.1.0 <=0.3.0)

net.i2p.crypto:eddsa MAVEN version =0.1.0, =3.0.1, =2.8.4-alpha1, =0.0.1-alpha1, =0.0.6, =2.1.2, =2.1.2, =2.2, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.9 and more Source cves: CVE-2020-36843 Source advisory: OSV:GHSA-P53J-G8PW-4W5F...

4.3CVSS6AI score0.00133EPSS
Exploits0
NVD
NVD
added 2025/03/13 6:15 a.m.14 views

CVE-2020-36843

The implementation of EdDSA in EdDSA-Java aka ed25519-java through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA Strong Existential Unforgeability under Chosen Message Attacks property. This allows attackers to create new valid signatures different from previous signature...

4.3CVSS0.00133EPSS
Exploits0References2
Rows per page
Query Builder