Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2022-28115

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.00377EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2024/10/27 12:0 a.m.4 views

EulerOS Virtualization 2.12.1 : openssl (EulerOS-SA-2024-2757)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Calling the OpenSSL API function SSLselectnextproto with an empty supported client protocols buffer may cause a cra...

9.1CVSS7.6AI score0.06873EPSS
Exploits1References2
OSV
OSVadded 2022/07/29 7:15 p.m.23 views

CVE-2022-23004

When computing a shared secret or point multiplication on the NIST P-256 curve using a public key with an X coordinate of zero, an error is returned from the library, and an invalid unreduced value is written to the output buffer. This may be leveraged by an attacker to cause an error scenario,...

5.3CVSS6.8AI score
Exploits0References1
Prion
Prionadded 2022/07/29 7:15 p.m.14 views

Code injection

When compressing or decompressing elliptic curve points using the Sweet B library, an incorrect choice of sign bit is used. An attacker with user level privileges and no other user's assistance can exploit this vulnerability with only knowledge of the public key and the library. The resulting...

5CVSS5.3AI score0.00377EPSS
Exploits0References1Affected Software1
Prion
Prionadded 2022/07/29 7:15 p.m.11 views

Code injection

When compressing or decompressing a point on the NIST P-256 elliptic curve with an X coordinate of zero, the resulting output is not properly reduced modulo the P-256 field prime and is invalid. The resulting output will cause an error when used in other operations. This may be leveraged by an...

5CVSS5.3AI score0.00377EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2022/07/29 6:55 p.m.20 views

CVE-2022-23004 Algorithm incorrectly returning error and Invalid unreduced value written to output buffer

When computing a shared secret or point multiplication on the NIST P-256 curve using a public key with an X coordinate of zero, an error is returned from the library, and an invalid unreduced value is written to the output buffer. This may be leveraged by an attacker to cause an error scenario,...

5.3CVSS5.6AI score0.00377EPSS
Exploits0References1
CVE
CVEadded 2022/07/29 6:55 p.m.53 views

CVE-2022-23004

CVE-2022-23004 affects the Western Digital Sweet B library (ECC on NIST P-256). When performing a shared secret calculation or point multiplication with a public key whose X coordinate is zero, the library returns an error and writes an invalid unreduced value to the output buffer, potentially al...

5.3CVSS5.3AI score0.00377EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder