Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2019-13374

Malware in sbrugna...

6.5CVSS6.8AI score0.02538EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-1436

Malicious code in bioql PyPI...

9.1CVSS9AI score0.00864EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2023/04/21 6:30 p.m.13 views

IO FinNet tss-lib vulnerable to timing attack from non-constant time scalar multiplication

io.finnet tss-lib before 2.0.0 can leak a secret key via a timing side-channel attack because it relies on the scalar-multiplication implementation in Go crypto/elliptic, which is not constant time there is an if statement in a loop. One leak is in ecdsa/keygen/round2.go. bnb-chain/tss-lib and...

9.1CVSS6.7AI score0.00864EPSS
Exploits0References9Affected Software2
OSV
OSV
added 2019/09/18 11:15 p.m.2 views

CVE-2019-3739

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover ECDSA keys...

6.5CVSS6.7AI score
Exploits0References7
CVE
CVE
added 2019/09/18 10:23 p.m.239 views

CVE-2019-3739

CVE-2019-3739 concerns RSA BSAFE Crypto-J versions prior to 6.2.5, where information exposure can occur via timing discrepancy during ECDSA key generation. The vulnerability could allow a remote attacker to recover ECDSA keys. The provided documents identify the affected component as Dell/Certico...

6.5CVSS7.9AI score0.02538EPSS
Exploits0References7Affected Software3
OSV
OSV
added 2019/01/15 10:15 p.m.5 views

MGASA-2019-0038 Updated nss packages fix security vulnerability

Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys CVE-2018-0495...

4.7CVSS6AI score0.00887EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2018/06/27 12:0 a.m.57 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : OpenSSL vulnerabilities (USN-3692-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3692-1 advisory. Keegan Ryan discovered that OpenSSL incorrectly handled ECDSA key generation. An attacker could possibly use this issue to perfor...

7.5CVSS6.5AI score0.49268EPSS
Exploits1References4
Ubuntu
Ubuntu
added 2018/06/26 2:6 p.m.91 views

USN-3692-2: OpenSSL vulnerabilities

USN-3692-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Keegan Ryan discovered that OpenSSL incorrectly handled ECDSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and...

7.5CVSS6.6AI score0.49268EPSS
Exploits1
Rows per page
Query Builder