6 matches found

NVD, added 2026/03/19 8:16 p.m., 8 views

CVE-2026-3580

In wolfSSL 5.8.4, the constant-time masking logic in sp256getentry2569 is optimized into conditional branches (bnez) by GCC when targeting RISC-V RV32I with -O3. This transformation breaks the side-channel resistance of ECC scalar multiplication, potentially allowing a local attacker to recover secret...

CVSS 4.7 | EPSS 0.00128 | Exploits 0 | References 1
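The masked-select pattern that the wolfSSL entry describes, together with the value barrier commonly used to stop a compiler from rewriting the mask arithmetic back into a conditional branch, as an added example. This is not wolfSSL's code: the table layout, the function names and the sample values are assumptions for illustration, and the barrier is the usual inline-asm idiom rather than anything taken from the project.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical precomputed-point table layout: 16 entries of 4 32-bit limbs.
 * Constructed sample data for this example, not wolfSSL's structure. */
#define TABLE_ENTRIES 16u
#define LIMBS 4u

/* Optimization barrier: after this the compiler must treat v as an opaque
 * register value, so it cannot turn "x & mask" into a conditional branch. */
static inline uint32_t value_barrier_u32(uint32_t v)
{
    __asm__ volatile("" : "+r"(v));
    return v;
}

/* All-ones if a == b, zero otherwise, computed without a branch. */
static inline uint32_t ct_mask_eq(uint32_t a, uint32_t b)
{
    uint32_t x = a ^ b;                   /* zero iff a == b */
    uint32_t nz = (x | (0u - x)) >> 31;   /* 1 iff x != 0 */
    return ~(0u - nz);                    /* 0xFFFFFFFF iff a == b */
}

/* Select table[idx] into out by reading every entry and masking: the memory
 * access pattern and the instruction stream do not depend on idx. */
void ct_table_lookup(uint32_t out[LIMBS],
                     const uint32_t table[TABLE_ENTRIES][LIMBS], uint32_t idx)
{
    memset(out, 0, LIMBS * sizeof out[0]);
    for (uint32_t i = 0; i < TABLE_ENTRIES; i++) {
        uint32_t m = value_barrier_u32(ct_mask_eq(i, idx));
        for (size_t j = 0; j < LIMBS; j++)
            out[j] |= table[i][j] & m;
    }
}

/* Fill a sample table where entry i, limb j holds (i + 1) * 1000 + j. */
static void fill_sample_table(uint32_t table[TABLE_ENTRIES][LIMBS])
{
    for (uint32_t i = 0; i < TABLE_ENTRIES; i++)
        for (uint32_t j = 0; j < LIMBS; j++)
            table[i][j] = (i + 1) * 1000 + j;
}

/* Limb j of the entry selected for idx from the sample table. */
uint32_t sample_lookup(uint32_t idx, uint32_t j)
{
    uint32_t table[TABLE_ENTRIES][LIMBS];
    uint32_t out[LIMBS];
    fill_sample_table(table);
    ct_table_lookup(out, table, idx);
    return out[j];
}

int main(void)
{
    for (uint32_t idx = 0; idx < TABLE_ENTRIES; idx++)
        printf("entry %2u limb0 = %u\n", idx, sample_lookup(idx, 0));
    return 0;
}
```

The barrier is a mitigation, not a proof: the only check that counts is the generated code for the exact toolchain, target and flags in use. Build with `gcc -O3 -S` (or the RV32I cross-compiler) and inspect the loop in ct_table_lookup for conditional branches (beq/bne/bnez on RISC-V); any branch whose condition derives from idx is a leak.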
RedHat Linux, added 2021/06/09 9:33 a.m., 0 views

nettle: Out of bounds memory access in signature verification

A flaw was found in Nettle, where several Nettle signature verification functions (GOST DSA, EdDSA and ECDSA) result in the Elliptic Curve Cryptography point multiply function being called with out-of-range scalars, possibly resulting in incorrect results. This flaw allows an attacker to force an...

CVSS 8.1 | AI score 6.8 | EPSS 0.01607 | Exploits 0 | References 5
RedHat Linux, added 2021/06/07 10:40 p.m., 3 views

nettle: Out of bounds memory access in signature verification

A flaw was found in Nettle, where several Nettle signature verification functions (GOST DSA, EdDSA and ECDSA) result in the Elliptic Curve Cryptography point multiply function being called with out-of-range scalars, possibly resulting in incorrect results. This flaw allows an attacker to force an...

CVSS 8.1 | AI score 6.8 | EPSS 0.01607 | Exploits 0 | References 5
Debian CVE, added 2016/04/19 9:00 p.m., 32 views

CVE-2015-7511

Libgcrypt before 1.6.5 does not properly perform elliptic-curve point multiplication during decryption, which makes it easier for physically proximate attackers to extract ECDH keys by measuring electromagnetic emanations...

CVSS 2 | AI score 4.1 | EPSS 0.00429 | Exploits 0
ArchLinux, added 2016/02/10 12:00 a.m., 42 views

botan: multiple issues

CVE-2016-2194 (denial of service): The ressol function, which implements the Tonelli-Shanks algorithm for finding square roots, could be sent into a nearly infinite loop due to a misplaced conditional check. This could occur if a composite modulus is provided, as this algorithm is only defined for primes...

CVSS 10 | AI score 2.6 | EPSS 0.06677 | Exploits 0 | References 4
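The Botan entry describes Tonelli-Shanks spinning when handed a composite modulus. As an added example (not Botan's ressol, and not a reconstruction of its fix), here is the same algorithm with every search loop bounded, so that a composite p returns failure instead of hanging. It uses a 32-bit modulus for brevity; the function names and the test modulus 341 = 11 * 31 (for which 2 passes the Euler criterion even though 341 is composite) are the editor's choices.

```c
#include <stdint.h>
#include <stdio.h>

/* Modular helpers on 32-bit moduli; products fit in 64 bits. */
static uint32_t mulmod(uint32_t a, uint32_t b, uint32_t m)
{
    return (uint32_t)(((uint64_t)a * b) % m);
}

static uint32_t powmod(uint32_t b, uint64_t e, uint32_t m)
{
    uint32_t r = 1 % m;
    b %= m;
    while (e) {
        if (e & 1) r = mulmod(r, b, m);
        b = mulmod(b, b, m);
        e >>= 1;
    }
    return r;
}

/* Tonelli-Shanks square root of a modulo p. Returns 1 and sets *root on
 * success, 0 if a has no root or p is shown not to be prime. Every loop is
 * bounded, so a composite p fails fast instead of spinning. */
int ressol_bounded(uint32_t a, uint32_t p, uint32_t *root)
{
    if (p < 2) return 0;
    a %= p;
    if (a == 0) { *root = 0; return 1; }
    if (p == 2) { *root = a; return 1; }
    if ((p & 1) == 0) return 0;                     /* even p > 2 is not prime */
    if (powmod(a, (p - 1) / 2, p) != 1) return 0;   /* Euler criterion: not a residue */

    uint32_t q = p - 1;
    unsigned s = 0;
    while ((q & 1) == 0) { q >>= 1; s++; }          /* p - 1 = q * 2^s, q odd */

    if (s == 1) {                                   /* p == 3 (mod 4) shortcut */
        uint32_t r = powmod(a, (p + 1) / 4, p);
        if (mulmod(r, r, p) != a) return 0;
        *root = r;
        return 1;
    }

    /* Find a quadratic non-residue z. For prime p one exists below p; for a
     * composite p the search may never succeed, so it is bounded by p. */
    uint32_t z = 2;
    while (powmod(z, (p - 1) / 2, p) != p - 1) {
        if (++z >= p) return 0;
    }

    uint32_t c = powmod(z, q, p);
    uint32_t r = powmod(a, (q + 1) / 2, p);
    uint32_t t = powmod(a, q, p);
    unsigned m = s;
    while (t != 1) {
        /* Least i with t^(2^i) == 1. For prime p some i < m exists; this
         * bound is what turns a composite modulus from a hang into a failure. */
        unsigned i = 0;
        uint32_t tt = t;
        while (tt != 1) {
            tt = mulmod(tt, tt, p);
            if (++i >= m) return 0;
        }
        uint32_t b = powmod(c, (uint64_t)1 << (m - i - 1), p);
        r = mulmod(r, b, p);
        c = mulmod(b, b, p);
        t = mulmod(t, c, p);
        m = i;
    }
    if (mulmod(r, r, p) != a) return 0;             /* final sanity check */
    *root = r;
    return 1;
}

/* Convenience wrapper: the root, or UINT32_MAX when ressol_bounded fails. */
uint32_t sqrt_mod(uint32_t a, uint32_t p)
{
    uint32_t r;
    return ressol_bounded(a, p, &r) ? r : UINT32_MAX;
}

int main(void)
{
    printf("sqrt(10) mod 13 = %u\n", sqrt_mod(10, 13));
    printf("sqrt(2) mod 341 (composite) -> %u\n", sqrt_mod(2, 341));
    return 0;
}
```

The point of the example is the two `return 0` lines inside the search loops: for a prime modulus they are never reached, for a composite one they are the difference between a quick failure and an unbounded loop. Callers that may receive an attacker-chosen modulus should also check it for primality up front rather than rely on this alone.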
CNVD, added 2015/07/08 12:00 a.m., 2 views

Mozilla Firefox NSS Spoofing Vulnerability

Mozilla Firefox is a web browser released by Mozilla. A spoofing vulnerability exists in Mozilla Firefox's NSS, which remote attackers can exploit to spoof ECDSA signatures because NSS fails to properly perform ECC multiplication...

CVSS 4.3 | AI score 6.7 | EPSS 0.03594 | Exploits 0 | References 1