Lucene search
+L

2046 matches found

osv
osv
added 2026/04/11 2:3 p.m.3 views

OESA-2026-1839 python-ecdsa security update

This is an easy-to-use implementation of ECDSA cryptography Elliptic Curve Digital Signature Algorithm, implemented purely in Python, released under the MIT license. With this library, you can quickly create keypairs signing key and verifying key, sign messages, and verify the signatures. The key...

5.3CVSS5.8AI score0.00476EPSS
Exploits1References2
osv
osv
added 2026/04/11 2:3 p.m.3 views

OESA-2026-1838 python-ecdsa security update

This is an easy-to-use implementation of ECDSA cryptography Elliptic Curve Digital Signature Algorithm, implemented purely in Python, released under the MIT license. With this library, you can quickly create keypairs signing key and verifying key, sign messages, and verify the signatures. The key...

5.3CVSS5.7AI score0.00476EPSS
Exploits1References2
osv
osv
added 2026/04/10 11:26 a.m.4 views

SUSE-SU-2026:21165-1 Security update for python-cryptography

This update for python-cryptography fixes the following issues: - CVE-2026-34073: Fixed X.509 bypass of name constraints on wildcard SANs with matching peer names. bsc1260876 - CVE-2026-26007: missing validation can lead to security issues for signature verification ECDSA and shared key negotiati...

8.2CVSS5.8AI score0.00341EPSS
Exploits0References5
nessus
nessus
added 2026/04/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-5194

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the relevant ke...

9.3CVSS6.8AI score0.00468EPSS
Exploits1References3
cbl_mariner
cbl_mariner
added 2026/04/09 10:23 p.m.7 views

CVE-2026-33936 affecting package python-ecdsa for versions less than 0.19.2-1

CVE-2026-33936 affecting package python-ecdsa for versions less than 0.19.2-1. An upgraded version of the package is available that resolves this issue...

5.3CVSS5.8AI score0.00476EPSS
Exploits1
osv
osv
added 2026/04/09 9:32 p.m.3 views

JLSEC-2026-76

OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms...

3.1CVSS5.8AI score0.00237EPSS
Exploits0References4
euvd
euvd
added 2026/04/09 9:31 p.m.7 views

EUVD-2026-21070

Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the relevant key type, to be accepted by signature verification functions. This could lead to reduced security of ECDSA certificate-based authentication...

9.3CVSS5.8AI score0.00468EPSS
Exploits1References2
snyk
snyk
added 2026/04/09 9:7 p.m.12 views

Improper Certificate Validation

Overview wolfssl is a None Affected versions of this package are vulnerable to Improper Certificate Validation. due to missing hash/digest size and OID checks in the certificate verification process. An attacker can bypass signature verification by providing digests smaller than allowed when...

9.9CVSS6.6AI score0.00468EPSS
Exploits1References2
osv
osv
added 2026/04/09 8:16 p.m.6 views

UBUNTU-CVE-2026-5194

Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the relevant key type, to be accepted by signature verification functions. This could lead to reduced security of ECDSA certificate-based authentication...

9.3CVSS5.8AI score0.00468EPSS
Exploits1References3
cve
cve
added 2026/04/09 7:30 p.m.292 views

CVE-2026-5194

The CVE-2026-5194 issue concerns wolfSSL’s ECDSA certificate verification: missing hash/digest size and OID checks may allow digests smaller than allowed for the given key type to pass verification when EdDSA or ML-DSA is enabled. This could reduce security of ECDSA certificate-based authenticati...

9.3CVSS5.8AI score0.00468EPSS
Exploits1References2Affected Software1
ibm
ibm
added 2026/04/06 10:16 a.m.8 views

Security Bulletin: There is a vulnerability in cryptography-46.0.3-cp311-abi3-manylinux_2_34_x86_64.whl used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-26007)

Summary There is a vulnerability in cryptography-46.0.3-cp311-abi3-manylinux234x8664.whl used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-26007 DESCRIPTION: cryptography is a package designed to expose cryptographic primitives and recipes...

8.2CVSS5.9AI score0.00341EPSS
Exploits0Affected Software1
redhatcve
redhatcve
added 2026/04/06 5:24 a.m.6 views

CVE-2026-5527

A weakness has been identified in Tenda 4G03 Pro 1.0/1.0re/01.bin/04.03.01.53. Affected by this issue is some unknown functionality of the file /etc/www/pem/server.key of the component ECDSA P-256 Private Key Handler. This manipulation causes use of hard-coded cryptographic key . It is possible t...

6.9CVSS5.9AI score0.00435EPSS
Exploits0References1
euvd
euvd
added 2026/04/05 12:30 a.m.8 views

EUVD-2026-19003

A weakness has been identified in Tenda 4G03 Pro 1.0/1.0re/01.bin/04.03.01.53. Affected by this issue is some unknown functionality of the file /etc/www/pem/server.key of the component ECDSA P-256 Private Key Handler. This manipulation causes use of hard-coded cryptographic key . It is possible t...

6.9CVSS5.9AI score0.00435EPSS
Exploits0References5
attackerkb
attackerkb
added 2026/04/04 11:15 p.m.2 views

CVE-2026-5527

A weakness has been identified in Tenda 4G03 Pro 1.0/1.0re/01.bin/04.03.01.53. Affected by this issue is some unknown functionality of the file /etc/www/pem/server.key of the component ECDSA P-256 Private Key Handler. This manipulation causes use of hard-coded cryptographic key . It is possible t...

6.9CVSS5.7AI score0.00435EPSS
Exploits0References5Affected Software1
mscve
mscve
added 2026/04/04 8:2 a.m.4 views

OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms.

...

6.5CVSS5.8AI score0.00237EPSS
Exploits0
nessus
nessus
added 2026/04/04 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-35387

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is...

6.5CVSS5.8AI score0.00237EPSS
Exploits0References3
susecve
susecve
added 2026/04/03 11:24 p.m.7 views

SUSE CVE-2026-35387

OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms...

3.1CVSS5.8AI score0.00237EPSS
Exploits0References8
euvd
euvd
added 2026/04/02 6:31 p.m.9 views

EUVD-2026-18402

OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms...

3.1CVSS5.9AI score0.00237EPSS
Exploits0References4
nvd
nvd
added 2026/04/02 5:16 p.m.4 views

CVE-2026-35387

OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms...

6.5CVSS0.00237EPSS
Exploits0References3
osv
osv
added 2026/04/02 5:16 p.m.6 views

UBUNTU-CVE-2026-35387

OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms...

6.5CVSS5.8AI score0.00237EPSS
Exploits0References4
Rows per page
Query Builder