Lucene search
K

5 matches found

OSV
OSV
added 2026/05/08 1:31 p.m.2 views

CVE-2026-43336 lib/crypto: chacha: Zeroize permuted_state before it leaves scope

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: chacha: Zeroize permutedstate before it leaves scope Since the ChaCha permutation is invertible, the local variable 'permutedstate' is sufficient to compute the original 'state', and thus the key, even after the...

7.5CVSS5.8AI score0.00425EPSS
Exploits0References11
NVD
NVD
added 2026/01/12 6:15 p.m.13 views

CVE-2026-22251

wlc is a Weblate command-line client using Weblate's REST API. Prior to 1.17.0, wlc supported providing unscoped API keys in the setting. This practice was discouraged for years, but the code was never removed. This might cause the API key to be leaked to different servers...

5.5CVSS0.00164EPSS
Exploits0References3
OSV
OSV
added 2018/10/29 4:28 p.m.8 views

SUSE-SU-2018:3553-1 Security update for python-cryptography

This update for python-cryptography fixes the following issues: - CVE-2018-10903: The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1...

7.5CVSS7.3AI score0.03196EPSS
Exploits0References3
PyPA
PyPA
added 2018/07/30 4:29 p.m.8 views

PYSEC-2018-52

A flaw was found in python-cryptography versions between =1.9.0 and 2.3. The finalizewithtag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalizewithtag an attacker could craft an invalid payload with a shortened tag e.g. 1 byte suc...

7.5CVSS6.4AI score0.03196EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2017/01/31 6:3 p.m.8 views

USN-3181-1 openssl vulnerabilities

Guido Vranken discovered that OpenSSL used undefined behaviour when performing pointer arithmetic. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS as other releases were...

9.8CVSS6.8AI score0.57595EPSS
Exploits2References7
Rows per page
Query Builder