Lucene search
K

25 matches found

Packet Storm News
Packet Storm News
added 2026/05/11 12:0 a.m.8 views

Key Encapsulation Mechanism-Based Integrated Encryption Scheme (KEM-IES)

The Elliptic Curve Integrated Encryption Scheme ECIES is widely regarded as a practical method and has been adopted by multiple standards. However, the advancement of quantum computing technologies poses potential security risks to ECIES. Therefore, this study proposes a Key Encapsulation...

5.7AI score
Exploits0
SUSE CVE
SUSE CVE
added 2026/03/04 12:26 a.m.2 views

SUSE CVE-2026-26315

go-ethereum Geth is a golang execution layer implementation of the Ethereum protocol. Prior to version 1.16.9, through a flaw in the ECIES cryptography implementation, an attacker may be able to extract bits of the p2p node key. The issue is resolved in the v1.16.9 and v1.17.0 releases of Geth...

7.5CVSS5.9AI score0.00447EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.8 views

go-ethereum 安全漏洞

go-ethereum is an open-source Ethereum protocol library developed by ethereum. Versions of go-ethereum prior to 1.16.9 contained security vulnerabilities. These vulnerabilities stemmed from defects in the ECIES encryption implementation, allowing attackers to extract bits from the keys of p2p nod...

7.5CVSS5.8AI score0.00447EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2026/02/17 12:0 a.m.6 views

go-ethereum -- vulnerabilities

https://github.com/ethereum/go-ethereum/security/advisories reports: DoS via malicious p2p message CVE-2026-26313 DoS via malicious p2p message CVE-2026-26314 Improper ECIES Public Key Validation in RLPx Handshake CVE-2026-26315...

8.7CVSS5.8AI score0.0058EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/22 2:6 a.m.10 views

EUVD-2026-3676

sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A private key recovery vulnerability exists in the SM2 decryption logic of sm-crypto prior to version 0.3.14. By interacting with the SM2 decryption interface multiple times, an attacker can...

9.1CVSS5.5AI score0.00209EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2016-1000345

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/ECIES CBC mode vulnerable to padding oracle attack. For BC 1.55 and older, in an environmen...

5.9CVSS6.6AI score0.02596EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:53 a.m.4 views

SUSE CVE-2016-1000345

In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/ECIES CBC mode vulnerable to padding oracle attack. For BC 1.55 and older, in an environment where timings can be easily observed, it is possible with enough observations to identify when the decryption is failing due to padding...

5.9CVSS7.7AI score0.02596EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:11 a.m.5 views

SUSE CVE-2019-13132

In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due...

9.8CVSS7.6AI score0.42464EPSS
Exploits1References17
Schneier on Security
Schneier on Security
added 2022/02/09 12:25 p.m.18 views

Breaking 256-bit Elliptic Curve Encryption with a Quantum Computer

Researchers have calculated the quantum computer size necessary to break 256-bit elliptic curve public-key cryptography: Finally, we calculate the number of physical qubits required to break the 256-bit elliptic curve encryption of keys in the Bitcoin network within the small available time frame...

0.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/11/12 12:0 a.m.36 views

Debian DLA-2443-1 : zeromq3 security update

It was discovered that ZeroMQ, a lightweight messaging kernel library does not properly handle connecting peers before a handshake is completed. A remote, unauthenticated client connecting to an application using the libzmq library, running with a socket listening with CURVE...

7.5CVSS7.1AI score0.03408EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/09/08 12:0 a.m.32 views

Debian DSA-4761-1 : zeromq3 - security update

It was discovered that ZeroMQ, a lightweight messaging kernel library does not properly handle connecting peers before a handshake is completed. A remote, unauthenticated client connecting to an application using the libzmq library, running with a socket listening with CURVE...

7.5CVSS7.3AI score0.03408EPSS
Exploits0References4
Debian
Debian
added 2020/09/07 7:11 p.m.29 views

[SECURITY] [DSA 4761-1] zeromq3 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4761-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 07, 2020 https://www.debian.org/security/faq -...

5CVSS1.3AI score0.03408EPSS
Exploits0
CNVD
CNVD
added 2020/06/03 12:0 a.m.6 views

fastecdsa data forgery issue vulnerability

fastecdsa is a Python library for fast elliptic curve encryption by AntonKueltz Software Developers. A security vulnerability exists in fastecdsa versions prior to 2.1.2. An attacker can exploit the vulnerability to benefit by successfully guessing the user whose signature verification will fail...

7.5CVSS7.4AI score0.01268EPSS
Exploits1References1
OSV
OSV
added 2019/11/14 4:58 p.m.7 views

MGASA-2019-0323 Updated zeromq packages fix security vulnerability

A security vulnerability has been reported in libzmq/zeromq. a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer...

9.8CVSS9.7AI score0.42464EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2019/07/15 4:51 a.m.37 views

CVE-2019-13132

In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due...

9.8CVSS4.2AI score0.42464EPSS
Exploits1References4
OSV
OSV
added 2019/07/10 7:15 p.m.3 views

DEBIAN-CVE-2019-13132

In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due...

9.8CVSS7.9AI score0.42464EPSS
Exploits1References1
OSV
OSV
added 2019/07/10 7:15 p.m.3 views

ALPINE-CVE-2019-13132

In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due...

9.8CVSS7.6AI score0.42464EPSS
Exploits1References1
Prion
Prion
added 2019/07/10 7:15 p.m.21 views

Stack overflow

In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due...

7.5CVSS9.5AI score0.42464EPSS
Exploits1References13Affected Software4
ATTACKERKB
ATTACKERKB
added 2019/07/10 7:15 p.m.5 views

CVE-2019-13132

In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due...

9.8CVSS6AI score0.42464EPSS
Exploits1References23
Cvelist
Cvelist
added 2019/07/10 12:0 a.m.27 views

CVE-2019-13132

In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due...

9.7AI score0.42464EPSS
Exploits1References15
Rows per page
Query Builder