Lucene search
K

32 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.14 views

Astra Linux – Vulnerability in mbedtls

A vulnerability was discovered in Arm Mbed TLS before versions 2.16.6 and 2.7.x, prior to 2.7.15. An attacker who can obtain precise side-channel measurements can recover the long-term ECDSA private key by 1 reconstructing the projective coordinates of the result of scalar multiplication by...

4.7CVSS5.1AI score0.00247EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/04 11:15 p.m.2 views

CVE-2026-5527

A weakness has been identified in Tenda 4G03 Pro 1.0/1.0re/01.bin/04.03.01.53. Affected by this issue is some unknown functionality of the file /etc/www/pem/server.key of the component ECDSA P-256 Private Key Handler. This manipulation causes use of hard-coded cryptographic key . It is possible t...

6.9CVSS5.7AI score0.00435EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/11/21 3:59 p.m.5 views

JLSEC-2025-201 An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15

An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. An attacker that can get precise enough side-channel measurements can recover the long-term ECDSA private key by 1 reconstructing the projective coordinate of the result of scalar multiplication by exploiting side...

4.7CVSS6.6AI score0.00247EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-7373

Malware in sbrugna...

5.9CVSS5.9AI score0.03279EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2016-7936

Malware in sbrugna...

5.5CVSS7.3AI score0.00594EPSS
Exploits0References22
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-3338

Malware in sbrugna...

4.7CVSS4.9AI score0.00247EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-37410

Malicious code in bioql PyPI...

9.6CVSS9.2AI score0.01017EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2023-37411

Malicious code in bioql PyPI...

9.6CVSS8.2AI score0.01091EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-10932

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. An attacker that can get precise enough side-channel measurements can recover the...

4.7CVSS5.6AI score0.00247EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.2 views

TencentOS Server 3: nss (TSSA-2024:0060)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0060 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

4.3CVSS7.2AI score0.00714EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 9:29 p.m.10 views

CVE-2021-3011

An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security microcontrollers and A7x secure authentication microcontrollers, with CryptoLib through v2.9. It allows attackers to extract the ECDSA private key after extensive physical access and consequently produce a...

4.2CVSS7AI score0.00196EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:35 p.m.6 views

CVE-2021-29415

The elliptic curve cryptography ECC hardware accelerator, part of the ARM® TrustZone® CryptoCell 310, contained in the NordicSemiconductor nRF52840 through 2021-03-29 has a non-constant time ECDSA implemenation. This allows an adversary to recover the private ECC key used during an ECDSA operatio...

5.5CVSS6.8AI score0.00273EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/02/12 4:48 p.m.2 views

nss: vulnerable to Minerva side-channel information leak

The Network Security Services NSS package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key...

4.3CVSS6.8AI score0.00714EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2024/02/12 4:48 p.m.2 views

nss: vulnerable to Minerva side-channel information leak

The Network Security Services NSS package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key...

4.3CVSS6.8AI score0.00714EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2024/01/11 9:0 a.m.19 views

CVE-2023-6135

The Network Security Services NSS package contains a vulnerability that exposes a side-channel information leak. This weakness enables a local attacker to capture several thousand usages of a signature, allowing them to utilize this information to recover portions of an ECDSA private key...

4.3CVSS5.4AI score0.00714EPSS
Exploits0References7
NVD
NVD
added 2023/08/09 10:15 p.m.24 views

CVE-2023-33242

Crypto wallets implementing the Lindell17 TSS protocol might allow an attacker to extract the full ECDSA private key by exfiltrating a single bit in every signature attempt 256 in total because of not adhering to the paper's security proof's assumption regarding handling aborts after a failed...

9.6CVSS9.3AI score0.01091EPSS
Exploits2References4
Cvelist
Cvelist
added 2023/08/09 9:1 p.m.21 views

CVE-2023-33242 Lindell17 TSS Abort Mishandling

Crypto wallets implementing the Lindell17 TSS protocol might allow an attacker to extract the full ECDSA private key by exfiltrating a single bit in every signature attempt 256 in total because of not adhering to the paper's security proof's assumption regarding handling aborts after a failed...

9.6CVSS9.5AI score0.01091EPSS
Exploits2References4
Cvelist
Cvelist
added 2023/08/09 9:0 p.m.41 views

CVE-2023-33241 GG18 / GG20 TSS Beta Parameter Vulnerability

Crypto wallets implementing the GG18 or GG20 TSS protocol might allow an attacker to extract a full ECDSA private key by injecting a malicious pallier key and cheating in the range proof. Depending on the Beta parameters chosen in the protocol implementation, the attack might require 16 signature...

9.6CVSS9.4AI score0.01017EPSS
Exploits1References5
OSV
OSV
added 2021/03/05 5:5 p.m.6 views

OPENSUSE-SU-2021:0384-1 Security update for mbedtls

This update for mbedtls fixes the following issues: - mbedtls was updated to version 2.16.9 - CVE-2020-10932: Fixed side channel in ECC code that allowed an adversary with access to precise enough timing and memory access information typically an untrusted operating system attacking a secure...

4.7CVSS4.7AI score0.00247EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/01/07 3:7 p.m.33 views

CVE-2021-3011

An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security microcontrollers and A7x secure authentication microcontrollers, with CryptoLib through v2.9. It allows attackers to extract the ECDSA private key after extensive physical access and consequently produce a...

4.8AI score0.00196EPSS
Exploits1References2
Rows per page
Query Builder