Lucene search
K

7 matches found

OSV
OSV
added 2026/04/10 11:26 a.m.4 views

SUSE-SU-2026:21021-1 Security update for python-cryptography

This update for python-cryptography fixes the following issues: - CVE-2026-34073: Fixed X.509 bypass of name constraints on wildcard SANs with matching peer names. bsc1260876 - CVE-2026-26007: missing validation can lead to security issues for signature verification ECDSA and shared key negotiati...

8.2CVSS7.3AI score0.00341EPSS
Exploits0References5
OSV
OSV
added 2026/02/10 10:17 p.m.6 views

ALPINE-CVE-2026-26007

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify that the...

6.5CVSS5.8AI score0.00341EPSS
Exploits0References1
NVD
NVD
added 2026/02/10 10:17 p.m.7 views

CVE-2026-26007

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify that the...

8.2CVSS0.00341EPSS
Exploits0References26
OSV
OSV
added 2026/02/10 9:42 p.m.5 views

CVE-2026-26007 cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the publickeyfromnumbers or EllipticCurvePublicNumbers.publickey, EllipticCurvePublicNumbers.publickey, loadderpublickey and loadpempublickey functions do not verify that the...

8.2CVSS5.7AI score0.00341EPSS
Exploits0References28
Code423n4
Code423n4
added 2022/01/11 12:0 a.m.12 views

No slippage tolerance set in NonUSTStrategy

Handle palina Vulnerability details Impact The exchange performed in NonUSTStrategy.sol via Curve is executed with "0" as the minimum amount received as the result of the operation, which is likely to be exploited by front-running and may lead to the loss of funds. Proof of Concept...

6.9AI score
Exploits0
CNVD
CNVD
added 2020/04/08 12:0 a.m.6 views

SolarWinds Dameware Buffer Overflow Vulnerability

SolarWinds Dameware is a remote access and system management solution from SolarWinds USA. The product supports multi-factor authentication, network management and other features. A buffer overflow vulnerability exists in SolarWinds Dameware version 12.1 Hotfix 3. A remote attacker can exploit th...

7.5CVSS7.2AI score0.25149EPSS
Exploits1References1
OSV
OSV
added 2015/11/09 12:0 a.m.2 views

UBUNTU-CVE-2015-7940

The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman ECDH key exchanges, aka an "invalid curve attack."...

5CVSS7.2AI score0.0482EPSS
Exploits0References4
Rows per page
Query Builder