28 matches found
CVE-2026-45614 OP-TEE vulnerable to ECDH private key recovery
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Prior to version 4.11.0, on many of the ECDH shared secret paths, the public key isn't verified to be a point on the correct curve. By...
cryptography: cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves
A validation flaw has been discovered in the python cryptography package. This missing validation allows an attacker to provide a public key point P from a small-order subgroup. This can lead to security issues in various situations, such as the most commonly used signature verification ECDSA and...
cryptography: cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves
A validation flaw has been discovered in the python cryptography package. This missing validation allows an attacker to provide a public key point P from a small-order subgroup. This can lead to security issues in various situations, such as the most commonly used signature verification ECDSA and...
EUVD-2026-25192
Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt...
UBUNTU-CVE-2026-35332
NULL-Pointer Dereference When Handling ECDH Public Value in TLS...
EUVD-2026-13209
Missing required cryptographic step in the TLS 1.3 client HelloRetryRequest handshake logic in wolfSSL could lead to a compromise in the confidentiality of TLS-protected communications via a crafted HelloRetryRequest followed by a ServerHello message that omits the required keyshare extension,...
CVE-2026-3230
wolfSSL’s TLS 1.3 client logic is affected by an improper key_share handling during HelloRetryRequest, allowing a crafted HelloRetryRequest followed by a ServerHello without the key_share extension to derive predictable traffic secrets from the (EC)DHE shared secret. Affected component: TLS hands...
PT-2026-26366
Missing required cryptographic step in the TLS 1.3 client HelloRetryRequest handshake logic in wolfSSL could lead to a compromise in the confidentiality of TLS-protected communications via a crafted HelloRetryRequest followed by a ServerHello message that omits the required key share extension,...
CVE-2026-1229 Incorrect calculation in CIRCL secp384r1 CombinedMult
The CombinedMult function in the CIRCL ecc/p384 package secp384r1 curve produces an incorrect value for specific inputs. The issue is fixed by using complete addition formulas. ECDH and ECDSA signing relying on this curve are not affected. The bug was fixed in v1.6.3...
SUSE CVE-2024-23342
The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Versions 0.18.0 and prior are vulnerable to the...
SUSE CVE-2014-3510
The ssl3sendclientkeyexchange function in s3clnt.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote DTLS servers to cause a denial of service NULL pointer dereference and client application crash via a crafted handshake message in conjunction with a 1...
Go 1.20 Cryptography
The first second release candidate of Go 1.20 is out!1 This is the first release I participated in as an independent maintainer, after leaving Google to become a professional Open Source maintainer. By the way, thats going great, and Im going to write more about it here soon! Im pretty happy with...
GHSA-RVJ9-8CVX-3VQ9 Invalid Curve Attack in node-jose
Affected versions of node-jose are vulnerable to an invalid curve attack. This allows an attacker to recover the private secret key when JWE with Key Agreement with Elliptic Curve Diffie-Hellman Ephemeral Static ECDH-ES is used. Proof of Concept Recommendation Update to version 0.9.3 or later...
Invalid Curve Attack in node-jose
Affected versions of node-jose are vulnerable to an invalid curve attack. This allows an attacker to recover the private secret key when JWE with Key Agreement with Elliptic Curve Diffie-Hellman Ephemeral Static ECDH-ES is used. Proof of Concept Recommendation Update to version 0.9.3 or later...
Invalid Curve Attack
github.com/square/go-jose is vulnerable to invalid curve attacks. These attacks are possible when using key agreement with Elliptic Curve Diffie-Hellman Ephemeral Static ECDH-ES, allowing attackers to recover the private secret key...
Invalid Curve Attack
github.com/dvsekhvalnov/jose2go is vulnerable to invalid curve attacks. These attacks are possible when using key agreement with Elliptic Curve Diffie-Hellman Ephemeral Static ECDH-ES, allowing attackers to recover the private secret key...
Invalid Curve Attack
Overview Affected versions of node-jose are vulnerable to an invalid curve attack. This allows an attacker to recover the private secret key when JWE with Key Agreement with Elliptic Curve Diffie-Hellman Ephemeral Static ECDH-ES is used. Proof of Concept Recommendation Update to version 0.9.3 or...
Carry Propagation
bouncycastle is vulnerable to carry propagation bugs. This bug caused mathematical miscalculations during static Elliptic Curve Diffie Hellman which in rare cases for it to miscalculate elliptic curve scalar multiplication. This allows a malicious user in certain cases to obtain the key...
SUSE: Security Advisory for cyrus-imapd (SUSE-SU-2016:1457-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2016:1457-1 Security update for cyrus-imapd
Previous versions of cyrus-imapd would not allow its users to disable old protocols like SSLv1 and SSLv2 that are unsafe due to various known attacks like BEAST and POODLE. https://bugzilla.cyrusimap.org/showbug.cgi?id=3867 remedies this issue by adding the configuration option 'tlsversions' to...