Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-29483

Malicious code in bioql PyPI...

5.9CVSS6.3AI score0.00177EPSS
Exploits0References4
SUSE CVE
SUSE CVEadded 2025/07/28 11:37 p.m.3 views

SUSE CVE-2022-50237

The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key...

5.9CVSS6.9AI score0.00177EPSS
Exploits0References3
Github Security Blog
Github Security Blogadded 2025/07/28 3:31 a.m.6 views

Duplicate Advisory: `ed25519-dalek` Double Public Key Signing Function Oracle Attack

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-w5vr-6qhr-36cc. This link is maintained to preserve external references. Original Description The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair...

5.9CVSS7.1AI score0.00177EPSS
Exploits0References5Affected Software1
OSV
OSVadded 2025/07/28 2:15 a.m.1 views

UBUNTU-CVE-2022-50237

The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key...

5.9CVSS5.8AI score0.00177EPSS
Exploits0References5
CVE
CVEadded 2025/07/28 12:0 a.m.16 views

CVE-2022-50237

The CVE-2022-50237 entry concerns the ed25519-dalek Rust crate prior to version 2. The Keypair implementation enables a double public key signing function oracle attack, enabling an attacker to compute/extract a private key from signatures. Reported impact includes confidentiality loss; CVSSv3.1 ...

5.9CVSS7.1AI score0.00177EPSS
Exploits0References3
Veracode
Veracodeadded 2025/03/12 8:14 a.m.3 views

Double-signing Attack

github.com/strangelove-ventures/horcrux is vulnerable to a double-signing attack. The vulnerability is due to a race condition in signature state handling when two independent events occurring within the same microsecond, allowing unintended duplicate signatures and leads to unintended...

6.9AI score
Exploits0
Github Security Blog
Github Security Blogadded 2025/03/07 8:0 p.m.6 views

Horcrux Double Sign Possibility

Horcrux Incident Disclosure: Possible Double-Sign Summary On March 6, 2025, a Horcrux user 01node experienced a double-signing incident on the Osmosis network, resulting in a 5% slash penalty approximately 75,000 OSMO or $20,000 USD. After thorough investigation, we have identified a race conditi...

7AI score
Exploits0References5Affected Software1
OSV
OSVadded 2025/03/07 8:0 p.m.3 views

GHSA-6WXF-7784-62FP Horcrux Double Sign Possibility

Horcrux Incident Disclosure: Possible Double-Sign Summary On March 6, 2025, a Horcrux user 01node experienced a double-signing incident on the Osmosis network, resulting in a 5% slash penalty approximately 75,000 OSMO or $20,000 USD. After thorough investigation, we have identified a race conditi...

8.7CVSS7AI score
Exploits0References5
Positive Technologies
Positive Technologiesadded 2022/06/11 12:0 a.m.2 views

PT-2025-31036 · Unknown · Ed25519-Dalek

Name of the Vulnerable Software and Affected Versions: ed25519-dalek crate versions prior to 2 Description: The ed25519-dalek crate for Rust contains a flaw that allows a double public key signing function oracle attack. The Keypair implementation can lead to the extraction of a private key...

5.9CVSS6.2AI score0.00177EPSS
Exploits0References13
Rows per page
Query Builder