Lucene search
K

729 matches found

NVD
NVD
added 2 days ago7 views

CVE-2024-56141

Minosoft is an open-source, multi-version Minecraft Java Edition client written in Kotlin. Starting in commit f1ae30e2b046a490026a8413b075685deb795122, the CryptManager encryption routine CryptManager.kt initializes its AES cipher using an initialization vector IV that is set equal to the secret...

5CVSS0.00111EPSS
Exploits0References2
CVE
CVE
added 3 days ago13 views

CVE-2024-56141

Minosoft’s open-source Minecraft Java Edition client (Kotlin) uses AES with an IV equal to the secret key in CryptManager.kt since commit f1ae30e2. The non-random IV makes encryption vulnerable to chosen-ciphertext/plaintext attacks, enabling an attacker who can request specific encryptions to re...

5CVSS6AI score0.00111EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago31 views

CVE-2024-56141 Minosoft has IV equal to key

Minosoft is an open-source, multi-version Minecraft Java Edition client written in Kotlin. Starting in commit f1ae30e2b046a490026a8413b075685deb795122, the CryptManager encryption routine CryptManager.kt initializes its AES cipher using an initialization vector IV that is set equal to the secret...

5CVSS0.00111EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 3 days ago7 views

CVE-2026-14570

A flaw was found in Crypt::DSA. Versions before 1.22 for Perl use a biased random number generator when creating the Digital Signature Algorithm DSA signing nonce and private key. This bias allows a remote attacker to recover the private key through a lattice attack if they collect a sufficient...

7.5CVSS5.8AI score0.00508EPSS
Exploits0References6
OSV
OSV
added 3 days ago3 views

UBUNTU-CVE-2026-14570

Crypt::DSA versions before 1.22 for Perl draw the DSA signing nonce and private key from a biased random generator, leading to private-key recovery. "Crypt::DSA::Util::makerandom forces the high bit of every value it returns to obtain an exactly N-bit integer for prime search. The signing nonce a...

7.5CVSS5.9AI score0.00508EPSS
Exploits0References7
OSV
OSV
added 4 days ago3 views

DEBIAN-CVE-2026-14570

Crypt::DSA versions before 1.22 for Perl draw the DSA signing nonce and private key from a biased random generator, leading to private-key recovery. "Crypt::DSA::Util::makerandom forces the high bit of every value it returns to obtain an exactly N-bit integer for prime search. The signing nonce a...

7.5CVSS5.9AI score0.00508EPSS
Exploits0References1
NVD
NVD
added 4 days ago10 views

CVE-2026-14570

Crypt::DSA versions before 1.22 for Perl draw the DSA signing nonce and private key from a biased random generator, leading to private-key recovery. "Crypt::DSA::Util::makerandom forces the high bit of every value it returns to obtain an exactly N-bit integer for prime search. The signing nonce a...

7.5CVSS0.00508EPSS
Exploits0References4
EUVD
EUVD
added 4 days ago8 views

EUVD-2026-41713

Crypt::DSA versions before 1.22 for Perl draw the DSA signing nonce and private key from a biased random generator, leading to private-key recovery. "Crypt::DSA::Util::makerandom forces the high bit of every value it returns to obtain an exactly N-bit integer for prime search. The signing nonce a...

5.9AI score0.00508EPSS
Exploits0References3
Cvelist
Cvelist
added 4 days ago39 views

CVE-2026-14570 Crypt::DSA versions before 1.22 for Perl draw the DSA signing nonce and private key from a biased random generator, leading to private-key recovery

Crypt::DSA versions before 1.22 for Perl draw the DSA signing nonce and private key from a biased random generator, leading to private-key recovery. "Crypt::DSA::Util::makerandom forces the high bit of every value it returns to obtain an exactly N-bit integer for prime search. The signing nonce a...

0.00508EPSS
Exploits0References3
CVE
CVE
added 4 days ago16 views

CVE-2026-14570

CVE-2026-14570 affects Crypt::DSA for Perl up to version 1.21, where Crypt::DSA::Util::makerandom biases the top bit to produce N-bit integers. This causes the DSA signing nonce and the private key to be drawn from a non-uniform distribution. Attackers who observe a modest number of signatures un...

7.5CVSS5.9AI score0.00508EPSS
Exploits0References4
Debian CVE
Debian CVE
added 4 days ago5 views

CVE-2026-14570

Crypt::DSA versions before 1.22 for Perl draw the DSA signing nonce and private key from a biased random generator, leading to private-key recovery. "Crypt::DSA::Util::makerandom forces the high bit of every value it returns to obtain an exactly N-bit integer for prime search. The signing nonce a...

7.5CVSS5.9AI score0.00508EPSS
Exploits0
Positive Technologies
Positive Technologies
added 4 days ago13 views

PT-2026-55751

Name of the Vulnerable Software and Affected Versions Crypt::DSA versions prior to 1.22 Description The software draws the DSA signing nonce and private key from a biased random generator. Specifically, the makerandom function in Crypt::DSA::Util forces the high bit of every returned value to...

7.5CVSS5.9AI score0.00508EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/06/22 2:7 p.m.10 views

CVE-2026-12205

A flaw was found in Crypt::DSA, a Perl module for Digital Signature Algorithm DSA cryptography. This vulnerability occurs because the software reuses a unique random number, known as a nonce, for multiple digital signatures generated with the same cryptographic key. An attacker could exploit this...

9.1CVSS5.8AI score0.00289EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Firefox

Multiple NSS NIST curves were vulnerable to a side-channel attack known as “Minerva”. This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox versions less than 121...

4.3CVSS6.3AI score0.00714EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 11:16 p.m.12 views

CVE-2026-12205

Crypt::DSA versions before 1.21 for Perl reused the nonce across signatures, leading to private-key recovery. Crypt::DSA::sign caches the per-signature nonce material in the Key object without ever clearing it. The first sign on a Key object picks a nonce, and every later sign on that same object...

9.1CVSS0.00289EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/15 9:57 p.m.47 views

CVE-2026-12205 Crypt::DSA versions before 1.21 for Perl reused the nonce across signatures, leading to private-key recovery

Crypt::DSA versions before 1.21 for Perl reused the nonce across signatures, leading to private-key recovery. Crypt::DSA::sign caches the per-signature nonce material in the Key object without ever clearing it. The first sign on a Key object picks a nonce, and every later sign on that same object...

0.00289EPSS
Exploits0References2
CVE
CVE
added 2026/06/15 9:57 p.m.20 views

CVE-2026-12205

Crypt::DSA for Perl versions before 1.21 reuse the per-signature nonce across signatures because the sign() function caches nonce data in the Key object and does not clear it. The first sign() selects a nonce and later signs reuse that nonce, producing identical r values, enabling potential priva...

9.1CVSS5.2AI score0.00289EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/15 9:57 p.m.10 views

CVE-2026-12205

Crypt::DSA versions before 1.21 for Perl reused the nonce across signatures, leading to private-key recovery. Crypt::DSA::sign caches the per-signature nonce material in the Key object without ever clearing it. The first sign on a Key object picks a nonce, and every later sign on that same object...

9.1CVSS5.3AI score0.00289EPSS
Exploits0
NVD
NVD
added 2026/06/15 12:16 p.m.13 views

CVE-2026-34022

The Wertheim SafeController Family 65000, Controller 65000 - AssemblyVersion 6.11.8130.22319, uses weak custom cryptographic algorithms with hard-coded cryptographic keys to protect communication. An attacker in an adversary-in-the-middle position can decrypt the data traffic. During reassessment...

7.1CVSS0.00116EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/15 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-12205

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypt::DSA versions before 1.21 for Perl reused the nonce across signatures, leading to private-key recovery. Crypt::DSA::sign caches the per-signature nonce...

9.1CVSS5.9AI score0.00289EPSS
Exploits0References3
Rows per page
Query Builder