Lucene search
K

193 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-18457

Malware in sbrugna...

5.9CVSS6.1AI score0.02318EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-15063

Malicious code in bioql PyPI...

1CVSS6.6AI score0.00184EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-2485

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00844EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-40774

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.02176EPSS
Exploits0References25
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2020-36843

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The implementation of EdDSA in EdDSA-Java aka ed25519-java through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA Strong Existential...

4.3CVSS6.5AI score0.00133EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/07/31 12:0 a.m.6 views

The vulnerability of the Sparkle framework on the Oracle Java SE software platform arises from the ability to expose files or directories to external parties. This allows a perpetrator to bypass the signature verification mechanism and gain full control over the application.

The vulnerability of the Sparkle framework on the Oracle Java SE software platform relates to the exposure of files or directories to external parties. Exploiting this vulnerability could allow an attacker to bypass the EdDSA signature verification and gain full control over the application...

7.3CVSS7.7AI score0.00886EPSS
Exploits0References4Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/18 7:43 p.m.6 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to Improper Verification of Cryptographic Signature in SSHJ (CVE-2020-36843)

Summary The implementation of EdDSA in EdDSA-Java aka ed25519-java through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA Strong Existential Unforgeability under Chosen Message Attacks property. This allows attackers to create new valid signatures different from previous...

4.3CVSS6.6AI score0.00133EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.6 views

TencentOS Server 3: bind (TSSA-2022:0196)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0196 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.5CVSS7AI score0.02299EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/05/27 12:0 a.m.21 views

ABB M2M Gateway Memory Leak in embedded Bind (CVE-2022-38178)

By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. This plugin only works with Tenable.ot. Please visit...

7.5CVSS6.6AI score0.02176EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2025/05/01 2:39 p.m.7 views

CVE-2025-3301

DPA countermeasures are unavailable for ECDH key agreement and EdDSA signing operations on Curve25519 and Curve448 on all Series 2 modules and SoCs due to a lack of hardware and software support. A successful DPA attack may result in exposure of confidential information. The best practice is to u...

1CVSS6.9AI score0.00184EPSS
Exploits0References1
NVD
NVD
added 2025/04/29 2:15 p.m.20 views

CVE-2025-3301

DPA countermeasures are unavailable for ECDH key agreement and EdDSA signing operations on Curve25519 and Curve448 on all Series 2 modules and SoCs due to a lack of hardware and software support. A successful DPA attack may result in exposure of confidential information. The best practice is to u...

1CVSS0.00184EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/29 1:47 p.m.21 views

CVE-2025-3301 DPA Countermeasures Unavailable for Certain Cryptographic Operations on Series 2 Devices

DPA countermeasures are unavailable for ECDH key agreement and EdDSA signing operations on Curve25519 and Curve448 on all Series 2 modules and SoCs due to a lack of hardware and software support. A successful DPA attack may result in exposure of confidential information. The best practice is to u...

1CVSS6.5AI score0.00184EPSS
Exploits0References1
CVE
CVE
added 2025/04/29 1:47 p.m.61 views

CVE-2025-3301

CVE-2025-3301 concerns DPA countermeasures being unavailable for ECDH key agreement and EdDSA signing on Curve25519 and Curve448 on all Series 2 modules and SoCs due to lack of hardware and software support. The consequence is potential exposure of confidential information if a DPA attack is succ...

1CVSS6.5AI score0.00184EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/29 12:0 a.m.9 views

PT-2025-18163 · Series 2 · Series 2

Name of the Vulnerable Software and Affected Versions: Series 2 modules and SoCs affected versions not specified Description: A lack of hardware and software support for DPA countermeasures in ECDH key agreement and EdDSA signing operations on Curve25519 and Curve448 may result in exposure of...

1CVSS6.1AI score0.00184EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/03/19 12:0 a.m.35 views

Jenkins plugins Multiple Vulnerabilities (2025-03-19)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - The implementation of EdDSA in EdDSA-Java aka ed25519-java through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA...

6.5CVSS6.1AI score0.00274EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/03/14 7:56 p.m.14 views

CVE-2020-36843

A flaw was found in EdDSA-Java ed25519-java. This vulnerability allows attackers to create new valid signatures different from previous signatures for a known message via signature malleability, violating the Strong Existential Unforgeability under Chosen Message Attacks SUF-CMA property...

4.3CVSS6.5AI score0.00133EPSS
Exploits0References5
NVD
NVD
added 2025/03/13 6:15 a.m.13 views

CVE-2020-36843

The implementation of EdDSA in EdDSA-Java aka ed25519-java through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA Strong Existential Unforgeability under Chosen Message Attacks property. This allows attackers to create new valid signatures different from previous signature...

4.3CVSS0.00133EPSS
Exploits0References2
OSV
OSV
added 2025/03/13 6:15 a.m.14 views

CVE-2020-36843

The implementation of EdDSA in EdDSA-Java aka ed25519-java through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA Strong Existential Unforgeability under Chosen Message Attacks property. This allows attackers to create new valid signatures different from previous signature...

4.3CVSS4.5AI score
Exploits0References2
OSV
OSV
added 2025/03/13 6:15 a.m.3 views

DEBIAN-CVE-2020-36843

The implementation of EdDSA in EdDSA-Java aka ed25519-java through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA Strong Existential Unforgeability under Chosen Message Attacks property. This allows attackers to create new valid signatures different from previous signature...

4.3CVSS5.9AI score0.00133EPSS
Exploits0References1
Snyk
Snyk
added 2025/03/13 5:47 a.m.2 views

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the xengineVerify method in EdDSAEngine.java, which does not comply with RFC 8032 specifications for signature maleability. An attacker can create new valid signatures different from...

7.5CVSS6.9AI score0.00133EPSS
Exploits0References2
Rows per page
Query Builder