
30 matches found

Cvelist
added 2026/02/25 3:47 p.m., 21 views

CVE-2026-22866 ENS DNSSEC Oracle Vulnerable to RSA Signature Forgery via Missing PKCS#1 v1.5 Padding Validation

Ethereum Name Service ENS is a distributed, open, and extensible naming system based on the Ethereum blockchain. In versions 1.6.2 and prior, the RSASHA256Algorithm and RSASHA1Algorithm contracts fail to validate PKCS1 v1.5 padding structure when verifying RSA signatures. The contracts only check...

6.9 CVSS, 0.00177 EPSS
Exploits: 0, References: 3
Positive Technologies
added 2026/02/25 12:0 a.m., 3 views

PT-2026-21935

Name of the Vulnerable Software and Affected Versions: Ethereum Name Service ENS versions 1.6.2 and prior. Description: The RSASHA256Algorithm and RSASHA1Algorithm contracts do not properly validate PKCS1 v1.5 padding when verifying RSA signatures. The contracts only verify the final 32 or 20 bytes ...

7.5 CVSS, 5.9 AI score, 0.00177 EPSS
Exploits: 0, References: 13
OSV
added 2026/01/15 5:57 p.m., 0 views

SUSE-SU-2026:20089-1 Security update for alloy

This update for alloy fixes the following issues: Upgrade to version 1.12.1. Security issues fixed: - CVE-2025-47911: golang.org/x/net/html: quadratic complexity algorithms used when parsing untrusted HTML documents bsc1251509. - CVE-2025-58190: golang.org/x/net/html: excessive memory consumption...

7.5 CVSS, 6.3 AI score, 0.00579 EPSS
Exploits: 2, References: 7
OSV
added 2025/11/21 2:29 p.m., 5 views

SUSE-SU-2025:4156-1 Security update for podman

This update for podman fixes the following issues: - CVE-2025-47913: golang.org/x/crypto/ssh/agent: Fixed client process termination when receiving an unexpected message type in response to a key listing or signing request bsc1253542...

7.5 CVSS, 6.6 AI score, 0.00579 EPSS
Exploits: 1, References: 3
OSV
added 2025/11/14 2:45 p.m., 8 views

HSEC-2025-0002 Double Public Key Signing Function Oracle Attack on Ed25519

Double Public Key Signing Function Oracle Attack on Ed25519 The standard specification of Ed25519 message signing involves providing the algorithm with a message and private key. The function will use the private key to compute the public key and sign the message. Some libraries provide a variant...

6.9 AI score
Exploits: 0, References: 7
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2020-29471

Malware in sbrugna...

7.5 CVSS, 6.8 AI score, 0.06348 EPSS
Exploits: 0, References: 19
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2025-29483

Malicious code in bioql PyPI...

5.9 CVSS, 6.3 AI score, 0.00177 EPSS
Exploits: 0, References: 4
EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2022-55212

Malicious code in bioql PyPI...

5.9 CVSS, 6.3 AI score, 0.00177 EPSS
Exploits: 0, References: 3
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2025-14386

Malicious code in bioql PyPI...

1.8 CVSS, 5.3 AI score, 0.00152 EPSS
Exploits: 0, References: 4
Vulnrichment
added 2025/07/28 12:0 a.m., 4 views

CVE-2022-50237

The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key...

5.9 CVSS, 6.2 AI score, 0.00177 EPSS
Exploits: 0, References: 3
Oracle linux
added 2025/06/25 12:0 a.m., 12 views

kernel security update

4.18.0-553.58.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

7.8 CVSS, 7.6 AI score, 0.00274 EPSS
Exploits: 0
Snyk
added 2024/12/06 4:41 p.m., 3 views

Use of Weak Hash

Overview: asu is an image on demand server for OpenWrt based distributions. Affected versions of this package are vulnerable to Use of Weak Hash which allows the ASU server to be polluted with malicious firmware images. Due to the low entropy employed when only 12 characters are used from the...

10 CVSS, 7.1 AI score, 0.01867 EPSS
Exploits: 0, References: 2
SUSE CVE
added 2023/02/15 4:35 a.m., 6 views

SUSE CVE-2017-1000385

The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA PKCS #1 1.5 padding. This allows an attacker to decrypt content or sign messages with the server's private key (this is a variation of the Bleichenbacher attack)...

6.5 CVSS, 8.1 AI score, 0.22098 EPSS
Exploits: 0, References: 4
Oracle linux
added 2021/08/11 12:0 a.m., 142 views

kernel security, bug fix, and enhancement update

4.18.0-305.12.14.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

8.7 CVSS, 0.3 AI score, 0.78684 EPSS
Exploits: 29
Oracle linux
added 2021/04/07 12:0 a.m., 245 views

kernel security and bug fix update

3.10.0-1160.24.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 = 15-2.0.9 - Update oraclekernel-sig-key...

7.8 CVSS, 0.7 AI score, 0.02097 EPSS
Exploits: 3
Akamai Blog
added 2021/03/19 4:0 p.m., 375 views

DNSSEC: How It Works & Key Considerations

From its beginnings as a replacement for a centralized database, the Domain Name System DNS has evolved into a dynamic, highly distributed, question-answer protocol. The proverbial "phone book of the internet" has increased in complexity and scale alongside the rapid growth of the World Wide Web...

7.2 AI score
Exploits: 0
OSV
added 2021/03/15 10:44 p.m., 10 views

USN-4858-1 gradle vulnerabilities

It was discovered that Gradle used an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins were used. A remote unauthenticated attacker could possibly use this issue to perform a machine-in-the-middle attack. CVE-2019-11065 It was discovered that...

5.9 CVSS, 6.6 AI score, 0.01366 EPSS
Exploits: 1, References: 3
Snyk
added 2020/08/21 2:15 p.m., 3 views

Race Condition

Overview: Affected versions of this package are vulnerable to Race Condition. An issue was discovered in wolfSSL before 4.5.0, when single precision is not employed. Local attackers can conduct a cache-timing attack against public key operations. These attackers may already have obtained sensitive...

7 CVSS, 6.7 AI score, 0.0034 EPSS
Exploits: 1, References: 2
OSV
added 2018/07/12 3:9 p.m., 2 views

USN-3716-1 dnsmasq update

This update adds the latest DNSSEC validation trust anchor required for the upcoming Root Zone KSK Rollover...

5.8 AI score
Exploits: 0, References: 2
OSV
added 2018/07/12 3:6 p.m., 2 views

USN-3715-1 dns-root-data update

This update adds the latest DNSSEC validation trust anchor required for the upcoming Root Zone KSK Rollover and refreshes the list of root hints...

5.8 AI score
Exploits: 0, References: 2