Lucene search
+L

2118 matches found

opensuse
opensuse
added 2 days ago4 views

Security update for enc (important)

openSUSE Security Update: Security update for enc Announcement ID: openSUSE-SU-2026:0245-1 Rating: important References: 1265533 Cross-References: CVE-2026-1229 CVSS scores: CVE-2026-1229 SUSE: 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N Affected Products: openSUSE Backpor...

8.3CVSS6.1AI score0.00397EPSS
Exploits0References1
nvd
nvd
added 2026/07/02 11:16 a.m.11 views

CVE-2026-54431

In liboauth2 the Demonstrating Proof-of-Possession DPoP verifier accepts a proof whose JSON Web Key jwk header contains private key material. RFC 9449 section 4.3 step 7 requires the verifier to reject such a proof but oauth2tokenverify function returns success for a malformed DPoP proof that...

5.1CVSS0.00128EPSS
Exploits0References3
cve
cve
added 2026/07/01 7:34 p.m.25 views

CVE-2026-54908

CVE-2026-54908 affects the Pion DTLS Go implementation. Versions prior to 3.1.4 are vulnerable to a remote Denial of Service caused by a panic while parsing a crafted ECDHE_PSK ServerKeyExchange message. The issue has been fixed in 3.1.4. No exploitation details are provided in the documents.

6.3CVSS5.8AI score0.0032EPSS
Exploits0References2
osv
osv
added 2026/06/25 8:17 p.m.5 views

UBUNTU-CVE-2026-10512

The X25519 x8664 assembly implementation fails to clear the most significant bit during the final modular reduction, so the computed result may not be fully reduced modulo the field prime 2^255 - 19. This can leave the field element in a non-canonical form, producing an incorrect result from the...

7.5CVSS5.8AI score0.00263EPSS
Exploits0References4
osv
osv
added 2026/06/25 11:52 a.m.3 views

SUSE-SU-2026:22365-1 Security update for openCryptoki

This update for openCryptoki fixes the following issues Upgrade openCryptoki to version 3.27 jscPED-14609: Add base support for PKCS11 v3.2. Add support for PKCS11 v3.2 CVerifySignatureInit|Update|Final. Add support for PKCS11 v3.2 CEncapsulateKey/CDecapsulateKey. Soft/ICA/CCA/EP11: Add support f...

6.8CVSS5.8AI score0.00237EPSS
Exploits2References5
osv
osv
added 2026/06/25 11:51 a.m.3 views

OPENSUSE-SU-2026:21059-1 Security update for openCryptoki

This update for openCryptoki fixes the following issues Upgrade openCryptoki to version 3.27 jscPED-14609: Add base support for PKCS11 v3.2. Add support for PKCS11 v3.2 CVerifySignatureInit|Update|Final. Add support for PKCS11 v3.2 CEncapsulateKey/CDecapsulateKey. Soft/ICA/CCA/EP11: Add support f...

6.8CVSS5.8AI score0.00237EPSS
Exploits2References4
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.15 views

PT-2026-52564

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An out-of-bounds heap read occurs during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key...

7.5CVSS5.7AI score0.00226EPSS
Exploits0References6
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in python-cryptography

Cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey, and loadpempublickey functions did not verify...

8.2CVSS6.7AI score0.00341EPSS
Exploits0References2
mageia
mageia
added 2026/06/15 3:56 p.m.12 views

Updated libgcrypt packages fix security vulnerability

Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt. CVE-2026-41989...

6.7CVSS5.5AI score0.00182EPSS
Exploits0References4
nessus
nessus
added 2026/06/12 12:0 a.m.11 views

EulerOS Virtualization 2.13.0 : libgcrypt (EulerOS-SA-2026-2403)

According to the versions of the libgcrypt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to...

6.7CVSS5.8AI score0.00182EPSS
Exploits0References2
osv
osv
added 2026/06/10 5:11 p.m.11 views

MGASA-2026-0193 Updated openssh packages fix security vulnerabilities

In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O legacy scp protocol and without -p preserve mode. CVE-2026-35385 In OpenSSH before 10.3, command execution can occur vi...

8.1CVSS6AI score0.00419EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/06/10 12:33 a.m.10 views

CVE-2026-45328 ESF-IDF: Out-of-Bounds Write in ESP-TEE Secure Service Wrappers

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, the esptee component exposes secure-service wrappers in espsecureservices.c and espsecureservicesiram.c that bridge calls from the user application i.e. the REE to TEE-protected hardware peripherals...

9.3CVSS5.3AI score0.00126EPSS
Exploits0References7
osv
osv
added 2026/06/10 12:33 a.m.2 views

CVE-2026-45328 ESF-IDF: Out-of-Bounds Write in ESP-TEE Secure Service Wrappers

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, the esptee component exposes secure-service wrappers in espsecureservices.c and espsecureservicesiram.c that bridge calls from the user application i.e. the REE to TEE-protected hardware peripherals...

9.3CVSS5.9AI score0.00126EPSS
Exploits0References9
nvd
nvd
added 2026/06/10 12:16 a.m.15 views

CVE-2026-46542

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, a denial-of-service vulnerability exists in the Ed25519 multisig delinearization code path. Ed25519PublicKey::delinearize in keys/src/multisig/mod.rs called...

4.3CVSS0.00231EPSS
Exploits0References3
nessus
nessus
added 2026/06/10 12:0 a.m.8 views

EulerOS 2.0 SP13 : python-ecdsa (EulerOS-SA-2026-2352)

According to the versions of the python-ecdsa packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital...

5.3CVSS5.5AI score0.00476EPSS
Exploits1References2
cnnvd
cnnvd
added 2026/06/10 12:0 a.m.19 views

Nimiq 安全漏洞

Nimiq is an open-source implementation of the Albatross protocol in Rust. Versions of Nimiq prior to 1.4.0 contained a security vulnerability. This vulnerability stemmed from the call to .unwrap during the delinearize function in Ed25519PublicKey::delinearize. When the public key was constructed...

4.3CVSS5.3AI score0.00231EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/06/09 11:46 p.m.9 views

CVE-2026-46542 nimiq-keys: Denial of service in Ed25519 multisig delinearization via invalid curve points

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, a denial-of-service vulnerability exists in the Ed25519 multisig delinearization code path. Ed25519PublicKey::delinearize in keys/src/multisig/mod.rs called...

4.3CVSS5.5AI score0.00231EPSS
Exploits0References3
cvelist
cvelist
added 2026/06/09 11:46 p.m.38 views

CVE-2026-46542 nimiq-keys: Denial of service in Ed25519 multisig delinearization via invalid curve points

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, a denial-of-service vulnerability exists in the Ed25519 multisig delinearization code path. Ed25519PublicKey::delinearize in keys/src/multisig/mod.rs called...

4.3CVSS0.00231EPSS
Exploits0References3
osv
osv
added 2026/06/09 11:46 p.m.3 views

CVE-2026-46542 nimiq-keys: Denial of service in Ed25519 multisig delinearization via invalid curve points

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, a denial-of-service vulnerability exists in the Ed25519 multisig delinearization code path. Ed25519PublicKey::delinearize in keys/src/multisig/mod.rs called...

4.3CVSS6AI score0.00231EPSS
Exploits0References5
cve
cve
added 2026/06/09 11:46 p.m.25 views

CVE-2026-46542

CVE-2026-46542 affects Nimiq’s Rust implementation prior to v1.4.0, where Ed25519 public-key handling in multisig could cause a denial-of-service crash. The issue occurs because Ed25519PublicKey::delinearize() calls unwrap() on curve point decompression, panicking when a 32-byte input does not re...

4.3CVSS5.5AI score0.00231EPSS
Exploits0References3
Rows per page
Query Builder