Lucene search
K

2042 matches found

OSV
OSV
added 2026/04/27 6:33 p.m.14 views

JLSEC-2026-248 Issue summary: A timing side-channel which could potentially allow recovering the private key...

Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDSA signature computations could allow recovering the private key by an attacker. However, measuring the timing would...

4.1CVSS6AI score0.00601EPSS
Exploits0References18
OSV
OSV
added 2026/04/27 6:33 p.m.9 views

JLSEC-2026-214 Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel...

Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters instead of using a named curve. In those cases it is possible that such a group does not have...

4.7CVSS6.5AI score0.01188EPSS
Exploits0References52
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.8 views

python-ecdsa DER Parser Security Test Suite

This Python script is a security test and validation suite for the python-ecdsa library, focused on detecting potential DER Distinguished Encoding Rules parsing anomalies that may relate to CVE-2026-33936...

5.3CVSS5.1AI score0.00476EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/04/25 12:0 a.m.6 views

SUSE SLED15 / SLES15 Security Update : python-ecdsa (SUSE-SU-2026:1608-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:1608-1 advisory. - CVE-2026-33936: issue in the low-level DER parsing functions can cause unexpected exceptions to be raised from the...

5.3CVSS5.4AI score0.00476EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/24 4:6 p.m.5 views

Security Bulletin: Platform Navigator in IBM Cloud Pak for Integration is vulnerable to vulnerability in Elliptic

Summary Platform Navigator in IBM Cloud Pak for Integration is vulnerable to vulnerability in Elliptic. CVE-2025-14505 The vulnerability have been addressed Vulnerability Details CVEID:CVE-2025-14505 DESCRIPTION: The ECDSA implementation of the Elliptic package generates incorrect signatures if a...

5.6CVSS5.5AI score0.00161EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/04/24 11:51 a.m.2 views

SUSE-SU-2026:1608-1 Security update for python-ecdsa

This update for python-ecdsa fixes the following issues: - CVE-2026-33936: issue in the low-level DER parsing functions can cause unexpected exceptions to be raised from the public API functions bsc1261009...

5.3CVSS5.3AI score0.00476EPSS
Exploits1References3
SUSE Linux
SUSE Linux
added 2026/04/24 11:51 a.m.8 views

Security update for python-ecdsa

This update for python-ecdsa fixes the following issues: CVE-2026-33936: issue in the low-level DER parsing functions can cause unexpected exceptions to be raised from the public API functions bsc1261009. Patch Instructions: To install this SUSE update use the SUSE recommended installation method...

6.3CVSS5.2AI score0.00476EPSS
Exploits1References4
AlpineLinux
AlpineLinux
added 2026/04/23 7:29 a.m.5 views

CVE-2026-41564

CryptX versions before 0.088 for Perl do not reseed the Crypt::PK PRNG state after forking. The Crypt::PK::RSA, Crypt::PK::DSA, Crypt::PK::DH, Crypt::PK::ECC, Crypt::PK::Ed25519 and Crypt::PK::X25519 modules seed a per-object PRNG state in their constructors and reuse it without fork detection. A...

7.5CVSS5.3AI score0.00447EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.6 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013628)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013628 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: akcipher - default implementation for setting a private key Changes from v1: removed the...

5.6AI score0.00211EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/18 12:0 a.m.6 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-ecdsa (SUSE-SU-2026:1436-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:1436-1 advisory. - CVE-2026-33936: issue in the low-level DER parsing functions can cause unexpected exceptions to be rais...

5.3CVSS5.8AI score0.00476EPSS
Exploits1References4
OSV
OSV
added 2026/04/17 5:24 p.m.9 views

CLSA-2026-1776444688 openssh: Fix of 3 CVEs

CVE-2026-35387: correctly match ECDSA signature algorithms against HostKeyAlgorithms, PubkeyAcceptedAlgorithms and HostbasedAcceptedAlgorithms - CVE-2026-35388: add missing askpass check when using ControlMaster=ask/autoask and "ssh -O proxy ..." - CVE-2026-35414: fix authorizedkeys principals...

8.1CVSS6AI score0.00237EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2026/04/17 12:51 p.m.4 views

Security update for python-ecdsa

This update for python-ecdsa fixes the following issues: CVE-2026-33936: issue in the low-level DER parsing functions can cause unexpected exceptions to be raised from the public API functions bsc1261009. Patch Instructions: To install this SUSE update use the SUSE recommended installation method...

6.3CVSS5.7AI score0.00476EPSS
Exploits1References4
OSV
OSV
added 2026/04/17 12:51 p.m.4 views

SUSE-SU-2026:1436-1 Security update for python-ecdsa

This update for python-ecdsa fixes the following issues: - CVE-2026-33936: issue in the low-level DER parsing functions can cause unexpected exceptions to be raised from the public API functions bsc1261009...

5.3CVSS5.7AI score0.00476EPSS
Exploits1References3
OSV
OSV
added 2026/04/17 12:21 p.m.10 views

CLSA-2026-1776428482 openssh: Fix of 3 CVEs

CVE-2026-35387: correctly match ECDSA signature algorithms against HostKeyAlgorithms, PubkeyAcceptedAlgorithms and HostbasedAcceptedAlgorithms - CVE-2026-35388: add missing askpass check when using ControlMaster=ask/autoask and "ssh -O proxy ..." - CVE-2026-35414: fix authorizedkeys principals...

8.1CVSS5.8AI score0.00237EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/16 1:4 p.m.6 views

Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin App has addressed the applicable CVEs with an update. Vulnerability Details CVEID:CVE-2026-26007 DESCRIPTION: cryptography is a package...

8.2CVSS5.8AI score0.00341EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.277 views

OpenSSH < 10.3 Multiple Vulnerabilities

The version of OpenSSH installed on the remote host is prior to 10.3. It is, therefore, affected by multiple vulnerabilities as referenced in the release-10.3 advisory. - In OpenSSH before 10.3, validation of shell metacharacters in user names supplied on the command-line was performed too late,...

8.1CVSS5.8AI score0.00419EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/13 9:46 p.m.4 views

Security Bulletin: Vulerability in IBM Spectrum Symphony with OpenSSL

Summary Vulerability in IBM Spectrum Symphony with OpenSSL Vulnerability Details CVEID:CVE-2024-13176 DESCRIPTION: Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDS...

4.1CVSS5.8AI score0.00601EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/04/11 2:3 p.m.3 views

OESA-2026-1839 python-ecdsa security update

This is an easy-to-use implementation of ECDSA cryptography Elliptic Curve Digital Signature Algorithm, implemented purely in Python, released under the MIT license. With this library, you can quickly create keypairs signing key and verifying key, sign messages, and verify the signatures. The key...

5.3CVSS5.8AI score0.00476EPSS
Exploits1References2
OSV
OSV
added 2026/04/11 2:3 p.m.3 views

OESA-2026-1838 python-ecdsa security update

This is an easy-to-use implementation of ECDSA cryptography Elliptic Curve Digital Signature Algorithm, implemented purely in Python, released under the MIT license. With this library, you can quickly create keypairs signing key and verifying key, sign messages, and verify the signatures. The key...

5.3CVSS5.7AI score0.00476EPSS
Exploits1References2
OSV
OSV
added 2026/04/10 11:26 a.m.4 views

SUSE-SU-2026:21165-1 Security update for python-cryptography

This update for python-cryptography fixes the following issues: - CVE-2026-34073: Fixed X.509 bypass of name constraints on wildcard SANs with matching peer names. bsc1260876 - CVE-2026-26007: missing validation can lead to security issues for signature verification ECDSA and shared key negotiati...

8.2CVSS5.8AI score0.00341EPSS
Exploits0References5
Rows per page
Query Builder