Lucene search
K

119 matches found

RedHat Linux
RedHat Linux
added 2026/05/27 10:13 p.m.12 views

cryptography: cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves

A validation flaw has been discovered in the python cryptography package. This missing validation allows an attacker to provide a public key point P from a small-order subgroup. This can lead to security issues in various situations, such as the most commonly used signature verification ECDSA and...

8.2CVSS6.8AI score0.00341EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2026/04/23 7:29 a.m.5 views

CVE-2026-41564

CryptX versions before 0.088 for Perl do not reseed the Crypt::PK PRNG state after forking. The Crypt::PK::RSA, Crypt::PK::DSA, Crypt::PK::DH, Crypt::PK::ECC, Crypt::PK::Ed25519 and Crypt::PK::X25519 modules seed a per-object PRNG state in their constructors and reuse it without fork detection. A...

7.5CVSS5.3AI score0.00447EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/06 10:16 a.m.8 views

Security Bulletin: There is a vulnerability in cryptography-46.0.3-cp311-abi3-manylinux_2_34_x86_64.whl used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-26007)

Summary There is a vulnerability in cryptography-46.0.3-cp311-abi3-manylinux234x8664.whl used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-26007 DESCRIPTION: cryptography is a package designed to expose cryptographic primitives and recipes...

8.2CVSS5.9AI score0.00341EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 12:27 p.m.8 views

CVE-2018-12438

The Elliptic Curve Cryptography library aka sunec or libsunec allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the...

4.9CVSS6.5AI score0.00464EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:26 p.m.8 views

CVE-2018-12439

MatrixSSL through 3.9.5 Open allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host...

4.7CVSS6.4AI score0.00275EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/08 12:0 a.m.12 views

PT-2026-1743

Name of the Vulnerable Software and Affected Versions Elliptic versions prior to 6.6.2 Description The ECDSA implementation within the Elliptic package produces incorrect signatures when an interim value of k calculated according to step 3.2 of RFC 6979 contains leading zeros, making it susceptib...

5.6CVSS6.5AI score0.00161EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-4406

Malware in sbrugna...

5.9CVSS6.1AI score0.00499EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-4409

Malware in sbrugna...

4.9CVSS5.1AI score0.00464EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-1318

Malware in sbrugna...

4.7CVSS5.7AI score0.00887EPSS
Exploits1References32
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-4405

Malware in sbrugna...

4.7CVSS4.9AI score0.00321EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-1608

Malware in sbrugna...

5.9CVSS6.3AI score0.01522EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-4407

Malware in sbrugna...

4.7CVSS4.7AI score0.00371EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-0505

Malware in sbrugna...

7.5CVSS7.5AI score0.01116EPSS
Exploits1References16
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-19901

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.004EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-15522

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bouncy Castle BC Java before 1.66, BC C .NET before 1.8.7, BC-FJA before 1.0.1.2, 1.0.2.1, and BC-FNA before 1.0.1.1 have a timing issue within the EC math...

5.9CVSS6.8AI score0.01522EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 10:36 a.m.6 views

CVE-2024-45750

An issue in TheGreenBow Windows Standard VPN Client 6.87.108 and older, Windows Enterprise VPN Client 6.87.109 and older, Windows Enterprise VPN Client 7.5.007 and older, Android VPN Client 6.4.5 and older VPN Client Linux 3.4 and older, VPN Client MacOS 2.4.10 and older allows a remote attacker ...

7.3CVSS8AI score0.00505EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:43 a.m.7 views

CVE-2024-23680

AWS Encryption SDK for Java versions 2.0.0 to 2.2.0 and less than 1.9.0 incorrectly validates some invalid ECDSA signatures...

5.3CVSS5.3AI score0.0021EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:44 p.m.7 views

CVE-2020-14966

An issue was discovered in the jsrsasign package through 8.0.18 for Node.js. It allows a malleability in ECDSA signatures by not checking overflows in the length of a sequence and '0' characters appended or prepended to an integer. The modified signatures are verified as valid. This could have a...

7.5CVSS6.8AI score0.01116EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 1:24 p.m.8 views

CVE-2018-12433

cryptlib through 3.4.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to either the local machine or a different virtual machine on the same physical host. NOTE: the vendor...

4.9CVSS6.5AI score0.00346EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:42 a.m.16 views

CVE-2018-12436

wolfcrypt/src/ecc.c in wolfSSL before 3.15.1.patch allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physic...

4.7CVSS6.3AI score0.00371EPSS
Exploits0References1
Rows per page
Query Builder