Lucene search
+L

2047 matches found

OSV
OSV
added 5 days ago6 views

JLSEC-2026-682 Generating the ECDSA nonce k samples a random number r and then truncates this randomness with a...

Generating the ECDSA nonce k samples a random number r and then truncates this randomness with a modular reduction mod n where n is the order of the elliptic curve. Meaning k = r mod n. The division used during the reduction estimates a factor qe by dividing the upper two digits a digit having e....

4.9CVSS6.1AI score0.00349EPSS
Exploits0References4
OSV
OSV
added 5 days ago6 views

JLSEC-2026-675

An issue was discovered in wolfSSL before 5.5.0. A fault injection attack on RAM via Rowhammer leads to ECDSA key disclosure. Users performing signing operations with private ECC keys, such as in server-side TLS connections, might leak faulty ECC signatures. These signatures can be processed via ...

5.3CVSS6.1AI score0.00527EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 5 days ago10 views

CVE-2026-50722

A flaw was found in Libreswan's implementation of IKEv2 authentication when processing signatures utilizing the RSASSA-PKCS1-v15 scheme. The RSAauthenticatehashsignaturepkcs115rsa function does not correctly validate the DER encoding of the ASN.1 digest. A remote, unauthenticated attacker could...

8.1CVSS6.1AI score0.00352EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.8 views

EulerOS 2.0 SP15 : openssh (EulerOS-SA-2026-2455)

According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions.CVE-2026-35388 OpenSSH before 10.3 mishandles...

8.2CVSS7.4AI score0.0218EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.11 views

EulerOS 2.0 SP15 : python-cryptography (EulerOS-SA-2026-2459)

According to the versions of the python-cryptography packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the...

8.2CVSS6.7AI score0.00341EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.12 views

EulerOS 2.0 SP15 : python-cryptography (EulerOS-SA-2026-2500)

According to the versions of the python-cryptography packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the...

8.2CVSS6.7AI score0.00341EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.8 views

EulerOS 2.0 SP15 : openssh (EulerOS-SA-2026-2496)

According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions.CVE-2026-35388 OpenSSH before 10.3 mishandles...

8.2CVSS7.4AI score0.0218EPSS
Exploits0References7
OSV
OSV
added 2026/06/18 9:37 a.m.4 views

SUSE-SU-2026:22158-1 Security update for python-ecdsa

This update for python-ecdsa fixes the following issue: - CVE-2026-33936: issue in the low-level DER parsing functions can cause unexpected exceptions to be raised from the public API functions bsc1261009...

5.3CVSS5.8AI score0.00476EPSS
Exploits1References3
OSV
OSV
added 2026/06/18 9:36 a.m.5 views

OPENSUSE-SU-2026:21078-1 Security update for python-ecdsa

This update for python-ecdsa fixes the following issue: - CVE-2026-33936: issue in the low-level DER parsing functions can cause unexpected exceptions to be raised from the public API functions bsc1261009...

5.3CVSS5.7AI score0.00476EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/17 12:0 a.m.20 views

Bosch Security Systems IP Cameras NXP Chip Side-Channel Key Extraction (CVE-2021-3011)

Several Bosch IP cameras are built on a hardware platform that uses an NXP SmartMX/P5x secure element affected by an electromagnetic-wave side-channel vulnerability. An attacker with extended physical access to the device could recover the ECDSA private key and clone the device. The issue resides...

4.2CVSS5.5AI score0.00196EPSS
Exploits1References2
OSV
OSV
added 2026/06/15 3:56 p.m.9 views

MGASA-2026-0210 Updated putty packages fix security vulnerabilities

ECDSA signature verification can be made to fail an assertion. Server can provoke a double free in RSA KEX code. Telnet session data is marked with trust sigils after authenticating to a proxy. PuTTY Ed25519 Signature ecc-ssh.c eddsaverify signature verification. CVE-2026-4115...

6.3CVSS5.3AI score0.00534EPSS
Exploits1References7
Mageia
Mageia
added 2026/06/15 3:56 p.m.13 views

Updated putty packages fix security vulnerabilities

ECDSA signature verification can be made to fail an assertion. Server can provoke a double free in RSA KEX code. Telnet session data is marked with trust sigils after authenticating to a proxy. PuTTY Ed25519 Signature ecc-ssh.c eddsaverify signature verification. CVE-2026-4115...

6.3CVSS4.8AI score0.00534EPSS
Exploits1References6
Mageia
Mageia
added 2026/06/10 5:11 p.m.8 views

Updated openssh packages fix security vulnerabilities

In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O legacy scp protocol and without -p preserve mode. CVE-2026-35385 In OpenSSH before 10.3, command execution can occur vi...

8.1CVSS6AI score0.00419EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.10 views

EulerOS 2.0 SP13 : openssh (EulerOS-SA-2026-2348)

According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenSSH before 10.3 mishandles the authorizedkeys principals option in uncommon scenarios involving a principals list in conjunction with a...

8.2CVSS7.4AI score0.0218EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.9 views

EulerOS 2.0 SP13 : python-ecdsa (EulerOS-SA-2026-2309)

According to the versions of the python-ecdsa packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital...

5.3CVSS5.5AI score0.00476EPSS
Exploits1References2
OSV
OSV
added 2026/06/03 2:49 p.m.8 views

ROOT-APP-PYPI-CVE-2026-33936 CVE-2026-33936 in rootio-ecdsa - Patched by Root

Root has patched CVE-2026-33936 in the rootio-ecdsa package for Root:PyPI. Multiple fixed versions available...

5.3CVSS5.8AI score0.00476EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/28 9:5 p.m.24 views

Security Bulletin: Multiple vulnerabilities in OpenSSH affect AIX

Summary There are multiple vulnerabilities in OpenSSH used by AIX CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414. OpenSSH is used by AIX for remote login. Vulnerability Details CVEID:CVE-2026-35385 DESCRIPTION: In OpenSSH before 10.3, a file downloaded by scp may b...

8.1CVSS5.8AI score0.00419EPSS
Exploits0Affected Software2
RedHat Linux
RedHat Linux
added 2026/05/27 10:13 p.m.16 views

cryptography: cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves

A validation flaw has been discovered in the python cryptography package. This missing validation allows an attacker to provide a public key point P from a small-order subgroup. This can lead to security issues in various situations, such as the most commonly used signature verification ECDSA and...

8.2CVSS6.8AI score0.00341EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/05/27 12:57 p.m.16 views

SUSE CVE-2026-48852

PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification...

3.7CVSS5.8AI score0.00274EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.41 views

Amazon Linux 2023 : openssh, openssh-clients, openssh-keycat (ALAS2023-2026-1745)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1745 advisory. Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the...

8.2CVSS5.9AI score0.0218EPSS
Exploits0References12
Rows per page
Query Builder