Lucene search
K

22 matches found

RedhatCVE
RedhatCVE
added 2026/03/05 1:40 p.m.7 views

CVE-2026-27445

SEPPmail Secure Email Gateway before version 15.0.1 does not properly verify that a PGP signature was generated by the expected key, allowing signature spoofing...

6.9CVSS5.9AI score0.00123EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/09/05 12:0 a.m.8 views

Cryptographic Application of Elliptic Curve with High Rank

Elliptic curve cryptography is better than traditional cryptography based on RSA and discrete logarithm of finite field in terms of efficiency and security. In this paper, we show how to exploit elliptic curve with high rank, which has not been used in cryptography before, to construct...

6.9AI score
Exploits0
Fedora
Fedora
added 2025/05/12 1:59 a.m.7 views

[SECURITY] Fedora 41 Update: golang-github-nats-io-nkeys-0.4.11-2.fc41

A public-key signature system based on Ed25519 for the NATS ecosystem...

7.4AI score
Exploits0
Fedora
Fedora
added 2025/05/12 1:56 a.m.15 views

[SECURITY] Fedora 42 Update: golang-github-nats-io-nkeys-0.4.11-2.fc42

A public-key signature system based on Ed25519 for the NATS ecosystem...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2025/03/27 2:29 p.m.32 views

CVE-2025-2516 Use of a weak cryptographic key in the signature verification process in WPS Office

The use of a weak cryptographic key pair in the signature verification process in WPS Office Kingsoft on Windows allows an attacker who successfully recovered the private key to sign components. As older versions of WPS Office did not validate the update server's certificate, an...

9.5CVSS0.0013EPSS
Exploits0References1
OSV
OSV
added 2025/03/20 6:43 p.m.5 views

USN-7363-1 pam-pkcs11 vulnerabilities

Marcus Rückert and Matthias Gerstner discovered that PAM-PKCS11 did not properly handle certain return codes when authentication was not possible. An attacker could possibly use this issue to bypass authentication. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. CVE-2025-24531 It was...

9.2CVSS5.8AI score0.00681EPSS
Exploits0References3
OSV
OSV
added 2025/02/10 3:43 p.m.11 views

CVE-2025-24032 PAM-PKCS#11 vulnerable to authentication bypass with default value for `cert_policy` (`none`)

PAM-PKCS11 is a Linux-PAM login module that allows a X.509 certificate based user login. Prior to version 0.6.13, if certpolicy is set to none the default value, then pampkcs11 will only check if the user is capable of logging into the token. An attacker may create a different token with the user...

9.2CVSS7.4AI score0.00681EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2023/11/29 12:0 a.m.11 views

Fedora: Security Advisory for golang-github-nats-io-nkeys (FEDORA-2023-3a895ff65c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.1AI score0.03796EPSS
Exploits0References2
OSV
OSV
added 2019/11/30 1:6 p.m.7 views

MGASA-2019-0348 Updated gnupg2 packages fix security vulnerability

gnupg2 is updated to 2.2.18 and fix security vulnerability: Web of Trust forgeries using collisions in SHA-1 signatures CVE-2019-14855 Note that this change removes all SHA-1 based key signature newer than 2019-01-19 from the web-of-trust. This includes all key signature created with dsa1024 keys...

7.5CVSS7.5AI score0.0105EPSS
Exploits1References3
OSV
OSV
added 2017/08/18 5:29 p.m.1 views

DEBIAN-CVE-2017-11185

The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a crafted RSA signature...

7.5CVSS7.2AI score0.02825EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2016/11/03 8:6 a.m.6 views

kernel: Kernel panic and system lockup by triggering BUG_ON() in public_key_verify_signature()

A syntax vulnerability was discovered in the kernel's ASN1.1 DER decoder, which could lead to memory corruption or a complete local denial of service through x509 certificate DER files. A local system user could use a specially created key file to trigger BUGON in the publickeyverifysignature...

4.7CVSS7.1AI score0.00475EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2015/05/07 12:0 a.m.5 views

The vulnerability of the Oracle Fusion Middleware software allows a remote attacker to replace the RSA signature.

The vulnerability of the Oracle Fusion Middleware software exists in the NSS Network Security Services library of Mozilla, which is used by the Oracle iPlanet Web Server. This vulnerability stems from incorrect processing of ASN.1 values in H.509 certificates. Exploiting this vulnerability could...

7.5CVSS6.6AI score0.1617EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2013/08/19 11:55 p.m.17 views

CVE-2013-4852

Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service crash and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the S...

6.8CVSS7.7AI score0.03447EPSS
Exploits1References11
OSV
OSV
added 2013/08/19 11:55 p.m.2 views

DEBIAN-CVE-2013-4852

Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service crash and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the S...

6.8CVSS8.2AI score0.03447EPSS
Exploits1References1
Prion
Prion
added 2013/08/19 11:55 p.m.15 views

Integer overflow

Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service crash and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the S...

6.8CVSS8.4AI score0.03447EPSS
Exploits1References11Affected Software4
Debian CVE
Debian CVE
added 2013/08/19 11:0 p.m.21 views

CVE-2013-4852

Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service crash and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the S...

6.8CVSS7.7AI score0.03447EPSS
Exploits1
CVE
CVE
added 2013/08/19 11:0 p.m.97 views

CVE-2013-4852

CVE-2013-4852 describes an integer overflow in PuTTY (0.62 and earlier) and in dependent products (e.g., WinSCP

6.8CVSS7.7AI score0.03447EPSS
Exploits1References11Affected Software1
RedHat Linux
RedHat Linux
added 2009/08/04 1:10 p.m.10 views

kernel: ecryptfs stack overflow in parse_tag_11_packet()

Stack-based buffer overflow in the parsetag11packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service system crash or possibly gain privileges via vectors involving a crafted eCryptfs file, related to n...

6.9CVSS6.3AI score0.00498EPSS
Exploits1References4
NVD
NVD
added 2009/07/31 7:0 p.m.17 views

CVE-2009-2406

Stack-based buffer overflow in the parsetag11packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service system crash or possibly gain privileges via vectors involving a crafted eCryptfs file, related to n...

6.9CVSS6.1AI score0.00498EPSS
Exploits1References27
UbuntuCve
UbuntuCve
added 2009/07/31 7:0 p.m.37 views

CVE-2009-2406

Stack-based buffer overflow in the parsetag11packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service system crash or possibly gain privileges via vectors involving a crafted eCryptfs file, related to n...

6.9CVSS6.5AI score0.00498EPSS
Exploits1References2
Rows per page
Query Builder