Lucene search
+L

204 matches found

Packet Storm News
Packet Storm News
added 2025/07/23 12:0 a.m.3 views

NIST Post-Quantum Cryptography Standard Algorithms Based on Quantum Random Number Generators

In recent years, the advancement of quantum computing technology has posed potential security threats to RSA cryptography and elliptic curve cryptography. In response, the National Institute of Standards and Technology NIST published several Federal Information Processing Standards FIPS of...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/20 12:0 a.m.6 views

Quantum Skyshield: Quantum Key Distribution and Post-Quantum Authentication for Low-Altitude Wireless Networks in Adverse Skies

Recently, low-altitude wireless networks LAWNs have emerged as a critical backbone for supporting the low-altitude economy, particularly with the densification of unmanned aerial vehicles UAVs and high-altitude platforms HAPs. To meet growing data demands, some LAWN deployments incorporate...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/23 12:0 a.m.5 views

A Comparative Study and Implementation of Key Derivation Functions Standardized by NIST and IEEE

Since many applications and services require pseudorandom numbers PRNs, it is feasible to generate specific PRNs under given key values and input messages using Key Derivation Functions KDFs. These KDFs are primarily constructed based on Message Authentication Codes MACs, where the MAC serves as ...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/22 12:0 a.m.6 views

Technical Evaluation of a Disruptive Approach in Homomorphic AI

We present a technical evaluation of a new, disruptive cryptographic approach to data security, known as HbHAI Hash-based Homomorphic Artificial Intelligence. HbHAI is based on a novel class of key-dependent hash functions that naturally preserve most similarity properties, most AI algorithms rel...

6.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 3:4 a.m.6 views

CVE-2023-22334

Use of password hash instead of password for authentication vulnerability in CONPROSYS HMI System CHS Ver.3.4.5 and earlier allows a remote authenticated attacker to obtain user credentials information via a man-in-the-middle attack...

5.3CVSS6.8AI score0.00879EPSS
Exploits0References1
Rockylinux
Rockylinux
added 2025/05/07 7:11 p.m.8 views

python3.11 bug fix update

An update is available for python3.11. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming languag...

7.2AI score
Exploits0
OSV
OSV
added 2025/05/03 4:15 p.m.7 views

AZL-61673 CVE-2024-58134 affecting package perl-Mojolicious 8.57-3

Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default. These predictable default secrets can be exploited by an attacker to forge session cookies. An attacker who knows or guesses the secret could compute...

8.1CVSS5.7AI score0.00459EPSS
Exploits1References1
Packet Storm News
Packet Storm News
added 2025/04/21 12:0 a.m.6 views

AESHA3: Efficient and Secure Sub-Key Generation for AES Using SHA-3

Advanced Encryption Standard AES is one of the most widely used symmetric cipher for the confidentiality of data. Also it is used for other security services, viz. integrity, authentication and key establishment. However, recently, authors have shown some weakness in the generation of sub-keys in...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/18 12:0 a.m.8 views

Post Quantum Cryptography (PQC) Signatures without Trapdoors

Some of our current public key methods use a trap door to implement digital signature methods. This includes the RSA method, which uses Fermat's little theorem to support the creation and verification of a digital signature. The problem with a back-door is that the actual trap-door method could, ...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/18 12:0 a.m.13 views

Complexity of Post-Quantum Cryptography in Embedded Systems and Its Optimization Strategies

With the rapid advancements in quantum computing, traditional cryptographic schemes like Rivest-Shamir-Adleman RSA and elliptic curve cryptography ECC are becoming vulnerable, necessitating the development of quantum-resistant algorithms. The National Institute of Standards and Technology NIST ha...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/15 12:0 a.m.7 views

From Cyber Threat to Data Shield: Constructing Provably Secure File Erasure with Repurposed Ransomware Cryptography

Ransomware has emerged as a persistent cybersecurity threat,leveraging robust encryption schemes that often remain unbroken even after public disclosure of source code. Motivated by the technical resilience of such mechanisms, this paper presents SEER Secure and Efficient Encryption-based Erasure...

6.7AI score
Exploits0
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.5 views

ChuanhuChatGPT 代码问题漏洞

ChuanhuChatGPT is an application that provides a lightweight and easy-to-use web GUI and many additional features for a wide range of LLMs such as ChatGPT. A server-side request forgery vulnerability exists in ChuanhuChatGPT version 20240914, which stems from a vulnerability that allows a respons...

6.5CVSS6.8AI score0.00454EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2024/09/18 11:46 a.m.9 views

kernel: ipv6: sr: fix out-of-bounds read when setting HMAC data.

An out-of-bounds read flaw was found when setting HMAC data in net/ipv6/seg6.c in the Linux kernel. This issue may lead to a crash...

5.5CVSS7.2AI score0.00242EPSS
Exploits0References5
OSV
OSV
added 2024/08/08 9:15 a.m.41 views

UBUNTU-CVE-2024-42255

In the Linux kernel, the following vulnerability has been resolved: tpm: Use auth only after NULL check in tpmbufcheckhmacresponse Dereference auth after NULL check in tpmbufcheckhmacresponse. Otherwise, unless tpm2sessionsinit was called, a call can cause NULL dereference, when TCGTPM2HMAC is...

5.5CVSS6.2AI score0.00183EPSS
Exploits0References5
Oracle linux
Oracle linux
added 2024/07/23 12:0 a.m.26 views

python3 security update

3.11.7-1.3 - Security fix for CVE-2024-4032 Resolves: RHEL-44097 3.11.7-1.2 - Enable importing of hash-based .pyc files under FIPS mode Resolves: RHEL-40785...

7.5CVSS6.6AI score0.01034EPSS
Exploits0
Oracle linux
Oracle linux
added 2024/07/23 12:0 a.m.295 views

python3 security update

3.9.18-3.3 - Security fix for CVE-2024-4032 Resolves: RHEL-44106 3.9.18-3.2 - Enable importing of hash-based .pyc files under FIPS mode Resolves: RHEL-40767...

7.5CVSS6.6AI score0.01034EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/07/23 12:0 a.m.8 views

The vulnerability of the gcry_md_get_algo_dlen() function in ClusterLabs Booth’s high-availability cluster management and monitoring software allows a attacker to perform an invalid HMAC.

The vulnerability of the gcrymdgetalgodlen function in ClusterLabs Booth’s high-availability cluster management and monitoring software is related to insufficient verification of data authenticity. Exploiting this vulnerability could allow an attacker operating remotely to generate invalid HMACs...

5.9CVSS6.2AI score0.00535EPSS
Exploits0References13Affected Software8
Positive Technologies
Positive Technologies
added 2024/07/16 12:0 a.m.13 views

PT-2024-6943 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the tpm buf check hmac response function in the Linux kernel's Trusted Platform Module TPM driver. It involves a null pointer dereference when TCG TPM2 HMAC is...

5.5CVSS8.3AI score0.00183EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2024/07/09 9:23 a.m.4 views

booth: specially crafted hash can lead to invalid HMAC being accepted by Booth server

A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcrymdgetalgodlen, it may allow an invalid HMAC to be accepted by the Booth server...

5.9CVSS5.7AI score0.00535EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/07/04 12:0 a.m.22 views

Oracle Linux 8 : python3 (ELSA-2024-4243)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4243 advisory. 3.12.3-2 - Enable importing of hash-based .pyc files under FIPS mode Resolves: RHEL-40776 3.12.3-1 - Update to 3.12.3 Related: RHEL-33685 3.12.2-3 - Move all te...

6.2CVSS7.2AI score0.00336EPSS
Exploits0References2
Rows per page
Query Builder