CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

58 matches found

Tenable Nessus•added 2026/06/17 12:0 a.m.•7 views

Bosch Security Systems IP Cameras NXP Chip Side-Channel Key Extraction (CVE-2021-3011)

Several Bosch IP cameras are built on a hardware platform that uses an NXP SmartMX/P5x secure element affected by an electromagnetic-wave side-channel vulnerability. An attacker with extended physical access to the device could recover the ECDSA private key and clone the device. The issue resides...

4.2CVSS5.5AI score0.00196EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2016-3922

Malware in sbrugna...

7.5CVSS7.6AI score0.02463EPSS

Exploits0References9

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2009-0056

Malware in sbrugna...

5CVSS6.1AI score0.01181EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2008-5056

Malware in sbrugna...

5.8CVSS7.7AI score0.05188EPSS

Exploits1References48

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2009-0034

Malware in sbrugna...

5CVSS6AI score0.0317EPSS

Exploits0References24

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2009-0057

Malware in sbrugna...

5CVSS6.1AI score0.01181EPSS

Exploits0References4

OSV•added 2024/09/03 8:15 p.m.•3 views

CVE-2024-45678

Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack that requires physical access and expensive equipment in which an electromagnetic side channel is present because of a non-constant-time modular...

4.2CVSS5.7AI score0.00329EPSS

Exploits0References6

OSV•added 2024/08/27 7:15 p.m.•2 views

DEBIAN-CVE-2024-5288

An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT+PROBE, leads to ECDSA key disclosure. When WOLFSSLCHECKSIGFAULTS is used in signing operations with private ECC keys, such as in server-side TLS connections, the connection is halted if any fault...

5.9CVSS5.3AI score0.0042EPSS

Exploits0References1

BDU FSTEC•added 2024/06/20 12:0 a.m.•4 views

The vulnerability of the OpenSSH ECDSA Key Handler component in JavaScript-based object signing and encryption technologies allows a malicious actor to gain unauthorized access to OpenSSH ECDSA public keys.

The vulnerability of the OpenSSH ECDSA Key Handler component in JavaScript-based object signing and encryption technologies is related to the determination of the blacklist of prefixes for public keys. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to...

7.8CVSS6.7AI score0.00307EPSS

Exploits1References4Affected Software2

OSV•added 2024/05/07 3:58 p.m.•5 views

OPENSUSE-SU-2024:0118-1 Security update for python-python-jose

This update for python-python-jose fixes the following issues: CVE-2024-33663: Fixed algorithm confusion with OpenSSH ECDSA keys and other key formats boo1223417...

6.5CVSS6.8AI score0.00307EPSS

Exploits1References3

Veracode•added 2024/04/29 6:33 a.m.•44 views

Improper Signature Validation

python-jose is vulnerable to Improper Signature Validation. This vulnerability is due to improper verification of OpenSSH ECDSA keys along with other key formats, allowing attackers to bypass security measures or manipulate cryptographic functions by submitting crafted signatures with a specific...

6.5CVSS6.8AI score0.00307EPSS

Exploits1References4Affected Software1