164 matches found
EUVD-2016-10649
Malware in sbrugna...
EUVD-2025-0041
Malicious code in bioql PyPI...
EUVD-2023-1038
Malicious code in bioql PyPI...
EUVD-2023-1827
Malicious code in bioql PyPI...
EUVD-2024-54348
Malicious code in bioql PyPI...
POLARIS: Explainable Artificial Intelligence for Mitigating Power Side-Channel Leakage
Microelectronic systems are widely used in many sensitive applications (e.g., manufacturing, energy, defense). These systems increasingly handle sensitive data (e.g., encryption keys) and are vulnerable to diverse threats, such as power side-channel attacks, which infer sensitive data through dynamic...
CVE-2020-26414
An issue has been discovered in GitLab affecting all versions starting from 12.4. The regex used for package names is written in a way that makes execution time have quadratic growth based on the length of the malicious input string...
CVE-2024-36469
Execution time for an unsuccessful login differs when using a non-existing username compared to using an existing one...
PT-2025-14460
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue is related to the execution time for unsuccessful logins, which differs when using a non-existing username compared to an existing one. Recommendations: At the moment, there is no...
GHSA-Q65W-FG65-79F4 Post-Quantum Secure Feldman's Verifiable Secret Sharing has Timing Side-Channels in Matrix Operations
Description: The feldman_vss library contains timing side-channel vulnerabilities in its matrix operations, specifically within the _find_secure_pivot function and potentially other parts of _secure_matrix_solve. These vulnerabilities are due to Python's execution model, which does not guarantee...
Post-Quantum Secure Feldman's Verifiable Secret Sharing has Timing Side-Channels in Matrix Operations
Description: The feldman_vss library contains timing side-channel vulnerabilities in its matrix operations, specifically within the _find_secure_pivot function and potentially other parts of _secure_matrix_solve. These vulnerabilities are due to Python's execution model, which does not guarantee...
CVE-2025-29780 Post-Quantum Secure Feldman's Verifiable Secret Sharing has Timing Side-Channels in Matrix Operations
Post-Quantum Secure Feldman's Verifiable Secret Sharing provides a Python implementation of Feldman's Verifiable Secret Sharing (VSS) scheme. In versions 0.8.0b2 and prior, the feldman_vss library contains timing side-channel vulnerabilities in its matrix operations, specifically within the...
CVE-2025-29780
CVE-2025-29780 affects the Python implementation of Post-Quantum Secure Feldman's Verifiable Secret Sharing (VSS) in the feldman_vss library, version 0.8.0b2 and earlier. Connected sources describe timing side-channel vulnerabilities in matrix operations, specifically in _find_secure_pivot and po...
Linux Distros Unpatched Vulnerability : CVE-2023-28756
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. I...
Linux Distros Unpatched Vulnerability : CVE-2021-43854
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language...
Amazon Linux 2023 : ruby3.2, ruby3.2-bundled-gems, ruby3.2-default-gems (ALAS2023-2025-839)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-839 advisory. A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings...
BIT-RUBY-MIN-2023-28756
A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2...
GHSA-QQ9F-Q439-2574 Narayana deadlock via multiple join requests sent to LRA Coordinator
A security issue was discovered in the LRA Coordinator component of Narayana. When Cancel is called in LRA, an execution time of approximately 2 seconds occurs. If Join is called with the same LRA ID within that timeframe, the application may crash or hang indefinitely, leading to a denial of...