181 matches found
The Jasmin Compiler Preserves Cryptographic Security
Jasmin is a programming and verification framework for developing efficient, formally verified, cryptographic implementations. A main component of the framework is the Jasmin compiler, which empowers programmers to write efficient implementations of state-of-the-art cryptographic primitives,...
EUVD-2012-0907
Malware in sbrugna...
EUVD-2011-1110
Malware in sbrugna...
EUVD-2005-0367
Malware in sbrugna...
EUVD-2013-4434
Malware in sbrugna...
EUVD-2019-16152
Malware in sbrugna...
EUVD-2022-26190
Malicious code in bioql PyPI...
Erlang/OTP (Erlang OTP) Adaptive Chosen Ciphertext Vulnerability (GHSA-mhm2-354q-3277) - Linux
Erlang/OTP Erlang OTP is prone to an adaptive chosen ciphertext vulnerability in the ssl component. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Erlang/OTP (Erlang OTP) Adaptive Chosen Ciphertext Vulnerability (GHSA-mhm2-354q-3277) - Windows
Erlang/OTP Erlang OTP is prone to an adaptive chosen ciphertext vulnerability in the ssl component. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Linux Distros Unpatched Vulnerability : CVE-2018-12404
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chose...
AEADs/ascon-aead: Plaintext exposed in decrypt_in_place_detached even on tag verification failure
Summary In decryptinplacedetached, the decrypted ciphertext which is the correct ciphertext is exposed even if the tag is incorrect. Details This is because in decryptinplace in asconcore.rs, tag verification causes an error to be returned with the plaintext contents still in buffer. The root cau...
GHSA-R38M-44FW-H886 AEADs/ascon-aead: Plaintext exposed in decrypt_in_place_detached even on tag verification failure
Summary In decryptinplacedetached, the decrypted ciphertext which is the correct ciphertext is exposed even if the tag is incorrect. Details This is because in decryptinplace in asconcore.rs, tag verification causes an error to be returned with the plaintext contents still in buffer. The root cau...
RHEL 7 : erlang (RHSA-2018:0242)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0242 advisory. Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault...
titon/framework vulnerable to Remote Code Execution via Chosen-Ciphertext Attack
titon/framework package which is now abandoned and no longer maintained is vulnerable to remote code execution via Chosen-Ciphertext Attack...
GHSA-Q3JM-V27Q-JFWW titon/framework vulnerable to Remote Code Execution via Chosen-Ciphertext Attack
titon/framework package which is now abandoned and no longer maintained is vulnerable to remote code execution via Chosen-Ciphertext Attack...
PT-2024-40419 · Unknown · Titan Framework
Name of the Vulnerable Software and Affected Versions: titon/framework package affected versions not specified Description: The issue allows for remote code execution via a Chosen-Ciphertext Attack. Recommendations: At the moment, there is no information about a newer version that contains a fix...
Fedora 40 : firecracker / rust-aes-gcm (2023-377bc1b17c)
The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-377bc1b17c advisory. - Update the aes-gcm crate to version 0.10.3. Addresses CVE-2023-42811. - Rebuild dependent packages firecracker for aes-gcm v0.10.3...
RHEL 7 : erlang (RHSA-2018:0528)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0528 advisory. Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault...
openSUSE: Security Advisory for rage (SUSE-SU-2023:4060-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Chosen-Ciphertext Attack (KyberSlash)
pypqc vulnerable to a chosen-ciphertext attack. The vulnerability is caused by to an attacker submitting numerous ciphertexts for decryption and observing the response, potentially allowing them to recover the private key...