CVE-2026-4391

A security vulnerability has been detected in TeamSpeak 3 Server up to 3.13.7. This vulnerability affects unknown code of the component ECC Key Parser. Such manipulation leads to heap-based buffer overflow. The attack may be launched remotely. Upgrading to version 3.13.8 is able to resolve this...

CVE-2026-4391 TeamSpeak 3 Server ECC Key heap-based overflow

A security vulnerability has been detected in TeamSpeak 3 Server up to 3.13.7. This vulnerability affects unknown code of the component ECC Key Parser. Such manipulation leads to heap-based buffer overflow. The attack may be launched remotely. Upgrading to version 3.13.8 is able to resolve this...

CVE-2026-4391

CVE-2026-4391 affects TeamSpeak 3 Server up to version 3.13.7. The issue is in an unknown code path of the ECC Key Parser, causing a heap-based buffer overflow that could be triggered remotely. A fixed version is 3.13.8, which upgrades the affected component. If exploiting details are not provide...

CVE-2026-4391 TeamSpeak 3 Server ECC Key heap-based overflow

A security vulnerability has been detected in TeamSpeak 3 Server up to 3.13.7. This vulnerability affects unknown code of the component ECC Key Parser. Such manipulation leads to heap-based buffer overflow. The attack may be launched remotely. Upgrading to version 3.13.8 is able to resolve this...

CVE-2026-4391

A security vulnerability has been detected in TeamSpeak 3 Server up to 3.13.7. This vulnerability affects unknown code of the component ECC Key Parser. Such manipulation leads to heap-based buffer overflow. The attack may be launched remotely. Upgrading to version 3.13.8 is able to resolve this...

EUVD-2026-32585

A security vulnerability has been detected in TeamSpeak 3 Server up to 3.13.7. This vulnerability affects unknown code of the component ECC Key Parser. Such manipulation leads to heap-based buffer overflow. The attack may be launched remotely. Upgrading to version 3.13.8 is able to resolve this...

PT-2026-44051

Name of the Vulnerable Software and Affected Versions TeamSpeak 3 Server versions prior to 3.13.8 Description A heap-based buffer overflow exists in the ECC Key Parser component. This issue allows a remote attacker to cause a memory corruption by manipulating the parser, which handles Elliptic...

EUVD-2020-19728

Malware in sbrugna...

EUVD-2018-12754

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-36422

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Arm Mbed TLS before 2.23.0. A side channel allows recovery of an ECC private key, related to mbedtlsecpcheckpubpriv, mbedtlspkparseke...

CVE-2021-29415

The elliptic curve cryptography ECC hardware accelerator, part of the ARM® TrustZone® CryptoCell 310, contained in the NordicSemiconductor nRF52840 through 2021-03-29 has a non-constant time ECDSA implemenation. This allows an adversary to recover the private ECC key used during an ECDSA operatio...

CVE-2020-27209

The ECDSA operation of the micro-ecc library 1.0 is vulnerable to simple power analysis attacks which allows an adversary to extract the private ECC key...

CVE-2020-27209

The ECDSA operation of the micro-ecc library 1.0 is vulnerable to simple power analysis attacks which allows an adversary to extract the private ECC key...

Code injection

The ECDSA operation of the micro-ecc library 1.0 is vulnerable to simple power analysis attacks which allows an adversary to extract the private ECC key...

CVE-2020-27209

CVE-2020-27209 affects the micro-ecc library (v1.0) ECDSA; the ECDSA operation is vulnerable to simple power analysis, enabling an attacker to extract the private ECC key. Consequences: Confidentiality impact (private key exposure) as documented. No remediation specifics (patch/version) are provi...

CVE-2020-27209

The ECDSA operation of the micro-ecc library 1.0 is vulnerable to simple power analysis attacks which allows an adversary to extract the private ECC key...

FreeBSD : Mbed TLS -- Side-channel attack on ECC key import and validation (c685edd9-c045-11ea-8898-001cc0382b2f)

Manuel Pegourie-Gonnard reports : The scalar multiplication function in Mbed TLS accepts a random number generator RNG as an optional argument and, if provided, uses it to protect against some attacks. It is the caller's responsibility to provide a RNG if protection against side-channel attacks i...

Mbed TLS -- Side-channel attack on ECC key import and validation

Manuel Pégourié-Gonnard reports: The scalar multiplication function in Mbed TLS accepts a random number generator RNG as an optional argument and, if provided, uses it to protect against some attacks. It is the caller's responsibility to provide a RNG if protection against side-channel attacks is...

SUSE-SU-2019:2982-1 Security update for enigmail

This update for enigmail fixes the following issues: - SeaMonkey is no longer supported. Update description and no longer put in SeaMonkey addons path bsc1151317 enigmail was updated 2.1.2: compatibility with Mozilla Thunderbird 68 New simplified setup wizard Full support for keys.openpgp.org...

CVE-2018-20187

A side-channel issue was discovered in Botan before 2.9.0. An attacker capable of precisely measuring the time taken for ECC key generation may be able to derive information about the high bits of the secret key, as the function to derive the public point from the secret scalar uses an unblinded...