2042 matches found
JLSEC-2026-248 Issue summary: A timing side-channel which could potentially allow recovering the private key...
Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDSA signature computations could allow recovering the private key by an attacker. However, measuring the timing would...
JLSEC-2026-214 Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel...
Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters instead of using a named curve. In those cases it is possible that such a group does not have...
python-ecdsa DER Parser Security Test Suite
This Python script is a security test and validation suite for the python-ecdsa library, focused on detecting potential DER Distinguished Encoding Rules parsing anomalies that may relate to CVE-2026-33936...
SUSE SLED15 / SLES15 Security Update : python-ecdsa (SUSE-SU-2026:1608-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:1608-1 advisory. - CVE-2026-33936: issue in the low-level DER parsing functions can cause unexpected exceptions to be raised from the...
Security Bulletin: Platform Navigator in IBM Cloud Pak for Integration is vulnerable to vulnerability in Elliptic
Summary Platform Navigator in IBM Cloud Pak for Integration is vulnerable to vulnerability in Elliptic. CVE-2025-14505 The vulnerability have been addressed Vulnerability Details CVEID:CVE-2025-14505 DESCRIPTION: The ECDSA implementation of the Elliptic package generates incorrect signatures if a...
SUSE-SU-2026:1608-1 Security update for python-ecdsa
This update for python-ecdsa fixes the following issues: - CVE-2026-33936: issue in the low-level DER parsing functions can cause unexpected exceptions to be raised from the public API functions bsc1261009...
Security update for python-ecdsa
This update for python-ecdsa fixes the following issues: CVE-2026-33936: issue in the low-level DER parsing functions can cause unexpected exceptions to be raised from the public API functions bsc1261009. Patch Instructions: To install this SUSE update use the SUSE recommended installation method...
CVE-2026-41564
CryptX versions before 0.088 for Perl do not reseed the Crypt::PK PRNG state after forking. The Crypt::PK::RSA, Crypt::PK::DSA, Crypt::PK::DH, Crypt::PK::ECC, Crypt::PK::Ed25519 and Crypt::PK::X25519 modules seed a per-object PRNG state in their constructors and reuse it without fork detection. A...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013628)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013628 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: akcipher - default implementation for setting a private key Changes from v1: removed the...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-ecdsa (SUSE-SU-2026:1436-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:1436-1 advisory. - CVE-2026-33936: issue in the low-level DER parsing functions can cause unexpected exceptions to be rais...
CLSA-2026-1776444688 openssh: Fix of 3 CVEs
CVE-2026-35387: correctly match ECDSA signature algorithms against HostKeyAlgorithms, PubkeyAcceptedAlgorithms and HostbasedAcceptedAlgorithms - CVE-2026-35388: add missing askpass check when using ControlMaster=ask/autoask and "ssh -O proxy ..." - CVE-2026-35414: fix authorizedkeys principals...
Security update for python-ecdsa
This update for python-ecdsa fixes the following issues: CVE-2026-33936: issue in the low-level DER parsing functions can cause unexpected exceptions to be raised from the public API functions bsc1261009. Patch Instructions: To install this SUSE update use the SUSE recommended installation method...
SUSE-SU-2026:1436-1 Security update for python-ecdsa
This update for python-ecdsa fixes the following issues: - CVE-2026-33936: issue in the low-level DER parsing functions can cause unexpected exceptions to be raised from the public API functions bsc1261009...
CLSA-2026-1776428482 openssh: Fix of 3 CVEs
CVE-2026-35387: correctly match ECDSA signature algorithms against HostKeyAlgorithms, PubkeyAcceptedAlgorithms and HostbasedAcceptedAlgorithms - CVE-2026-35388: add missing askpass check when using ControlMaster=ask/autoask and "ssh -O proxy ..." - CVE-2026-35414: fix authorizedkeys principals...
Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities
Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin App has addressed the applicable CVEs with an update. Vulnerability Details CVEID:CVE-2026-26007 DESCRIPTION: cryptography is a package...
OpenSSH < 10.3 Multiple Vulnerabilities
The version of OpenSSH installed on the remote host is prior to 10.3. It is, therefore, affected by multiple vulnerabilities as referenced in the release-10.3 advisory. - In OpenSSH before 10.3, validation of shell metacharacters in user names supplied on the command-line was performed too late,...
Security Bulletin: Vulerability in IBM Spectrum Symphony with OpenSSL
Summary Vulerability in IBM Spectrum Symphony with OpenSSL Vulnerability Details CVEID:CVE-2024-13176 DESCRIPTION: Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDS...
OESA-2026-1839 python-ecdsa security update
This is an easy-to-use implementation of ECDSA cryptography Elliptic Curve Digital Signature Algorithm, implemented purely in Python, released under the MIT license. With this library, you can quickly create keypairs signing key and verifying key, sign messages, and verify the signatures. The key...
OESA-2026-1838 python-ecdsa security update
This is an easy-to-use implementation of ECDSA cryptography Elliptic Curve Digital Signature Algorithm, implemented purely in Python, released under the MIT license. With this library, you can quickly create keypairs signing key and verifying key, sign messages, and verify the signatures. The key...
SUSE-SU-2026:21165-1 Security update for python-cryptography
This update for python-cryptography fixes the following issues: - CVE-2026-34073: Fixed X.509 bypass of name constraints on wildcard SANs with matching peer names. bsc1260876 - CVE-2026-26007: missing validation can lead to security issues for signature verification ECDSA and shared key negotiati...