Lucene search
K

2042 matches found

CVE
CVE
added 2026/04/02 4:52 p.m.358 views

CVE-2026-35387

OpenSSH before 10.3 is affected by CVE-2026-35387: when listing any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms, the client/server may misinterpret this as enabling all ECDSA algorithms. The result is the unintended use of ECDSA keys, with confidentiality impact lis...

6.5CVSS5.9AI score0.00237EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/04/02 4:52 p.m.4 views

CVE-2026-35387

OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms...

6.5CVSS5.2AI score0.00237EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.10 views

PT-2026-29834

Name of the Vulnerable Software and Affected Versions OpenSSH versions prior to 10.3 Description OpenSSH versions before 10.3 incorrectly handle ECDSA algorithms. Specifically, the software misinterprets the listing of any ECDSA algorithm in the PubkeyAcceptedAlgorithms or...

8.1CVSS5.7AI score0.00419EPSS
Exploits0References56
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.11 views

OpenSSH 安全漏洞

OpenSSH OpenBSD Secure Shell is a set of open-source tools developed by OpenBSD in Canada, designed for secure access to remote computers. This tool is an open-source implementation of the SSH protocol, supporting encryption of all transmissions. It effectively prevents eavesdropping, connection...

6.5CVSS5.9AI score0.00237EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2026/04/02 12:0 a.m.4 views

python-ecdsa Denial of Service

python-ecdsa suffers from a denial of service vulnerability...

5.3CVSS5.8AI score0.00476EPSS
Exploits1
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/02 12:0 a.m.6 views

python311-ecdsa-0.19.2-1.1 on GA media (moderate)

python311-ecdsa-0.19.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10468-1 Rating: moderate Cross-References: CVE-2026-33936 CVSS scores: CVE-2026-33936 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2026-33936 SUSE : 6.3...

6.3CVSS5.9AI score0.00476EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2026/04/01 12:0 a.m.4 views

Quantum-Safe Code Auditing: LLM-Assisted Static Analysis and Quantum-Aware Risk Scoring for Post-Quantum Cryptography Migration

The impending arrival of cryptographically relevant quantum computers CRQCs threatens the security foundations of modern software: Shor's algorithm breaks RSA, ECDSA, ECDH, and Diffie-Hellman, while Grover's algorithm reduces the effective security of symmetric and hash-based schemes. Despite NIS...

6AI score
Exploits0
OSV
OSV
added 2026/03/31 12:0 a.m.2 views

OPENSUSE-SU-2026:10468-1 python311-ecdsa-0.19.2-1.1 on GA media

These are all security issues fixed in the python311-ecdsa-0.19.2-1.1 package on the GA media of openSUSE Tumbleweed...

5.3CVSS5.9AI score0.00476EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/30 10:48 a.m.6 views

CVE-2026-33936

A flaw was found in the ecdsa Python package, which is used for cryptographic operations. A remote attacker can exploit this vulnerability by sending a specially crafted data input, known as Distinguished Encoding Rules DER. This malformed input can cause applications that process untrusted...

5.3CVSS5.9AI score0.00476EPSS
Exploits1References6
Microsoft CVE
Microsoft CVE
added 2026/03/29 8:1 a.m.6 views

python-ecdsa: Denial of Service via improper DER length validation in crafted private keys

...

5.3CVSS5.9AI score0.00476EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/03/28 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2026-33936

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdD...

5.3CVSS5.8AI score0.00476EPSS
Exploits1References3
OSV
OSV
added 2026/03/27 11:17 p.m.3 views

DEBIAN-CVE-2026-33936

The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Prior to version 0.19.2, an issue in the low-level D...

5.3CVSS5.2AI score0.00476EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2026/03/27 11:17 p.m.5 views

CVE-2026-33936

The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Prior to version 0.19.2, an issue in the low-level D...

5.3CVSS5.8AI score0.00476EPSS
Exploits1References5
OSV
OSV
added 2026/03/27 10:8 p.m.6 views

CVE-2026-33936 python-ecdsa: Denial of Service via improper DER length validation in crafted private keys

The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Prior to version 0.19.2, an issue in the low-level D...

5.3CVSS5.8AI score0.00476EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/27 10:8 p.m.10 views

CVE-2026-33936 python-ecdsa: Denial of Service via improper DER length validation in crafted private keys

The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Prior to version 0.19.2, an issue in the low-level D...

5.3CVSS5.8AI score0.00476EPSS
Exploits1References3
CVE
CVE
added 2026/03/27 10:8 p.m.74 views

CVE-2026-33936

CVE-2026-33936 affects the Python package python-ecdsa (pre-0.19.2). A flaw in the low-level DER parsing (remove_octet_string) can cause generated truncated DER inputs to be accepted, allowing SigningKey.from_der() to raise an internal IndexError instead of rejecting malformed data, potentially c...

5.3CVSS5.8AI score0.00476EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2026/03/27 10:8 p.m.3 views

CVE-2026-33936

The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Prior to version 0.19.2, an issue in the low-level D...

5.3CVSS5.2AI score0.00476EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2026/03/27 10:8 p.m.3 views

CVE-2026-33936

The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Prior to version 0.19.2, an issue in the low-level D...

5.3CVSS5.8AI score0.00476EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/03/27 3:56 p.m.6 views

GHSA-9F5J-8JWJ-X28G python-ecdsa: Denial of Service via improper DER length validation in crafted private keys

Summary An issue in the low-level DER parsing functions can cause unexpected exceptions to be raised from the public API functions. 1. ecdsa.der.removeoctetstring accepts truncated DER where the encoded length exceeds the available buffer. For example, an OCTET STRING that declares a length of 40...

5.3CVSS5.8AI score0.00476EPSS
Exploits1References5
vulnersOsv
vulnersOsv
added 2026/03/27 3:56 p.m.5 views

acapy-plugin-pickup (>=0.1.0.post1 <=0.2.0), acapy-wallet-groups-plugin (>=0.5.1 <=0.7.0) +368 more potentially affected by CVE-2026-33936 via ecdsa (>=0.13.0 <=0.19.1)

ecdsa PYPI version =0.13.0, =0.1.0.post1, =0.5.1, =0.1.7, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =0.1.1, =1.0.0, =0.4.2, =0.1.2, =0.0.3, =0.2.0, =0.4.0 and more Source cves: CVE-2026-33936 Source advisory: SNYK:PYTHON-ECDSA-15792390...

5.3CVSS5.7AI score0.00476EPSS
Exploits1
Rows per page
Query Builder