Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2024/01/17 10:6 p.m.33 views

crystals-go vulnerable to KyberSlash (timing side-channel attack for Kyber)

Impact On some platforms, when an attacker can time decapsulation of Kyber on forged cipher texts, they could possibly learn parts of the secret key. Patches Patched in https://github.com/kudelskisecurity/crystals-go/pull/21 Note This library was written as part of a MsC student project in the...

7.2AI score
Exploits0References7Affected Software1
OSV
OSV
added 2024/01/17 10:6 p.m.8 views

GHSA-F6JH-HVG2-9525 crystals-go vulnerable to KyberSlash (timing side-channel attack for Kyber)

Impact On some platforms, when an attacker can time decapsulation of Kyber on forged cipher texts, they could possibly learn parts of the secret key. Patches Patched in https://github.com/kudelskisecurity/crystals-go/pull/21 Note This library was written as part of a MsC student project in the...

7.2AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/01/16 4:5 p.m.180 views

PoC Exploits Published For Microsoft Crypto Bug

Two proof-of-concept PoC exploits have been publicly released for the recently-patched crypto-spoofing vulnerability found by the National Security Agency and reported to Microsoft. The vulnerability CVE-2020-0601 could enable an attacker to spoof a code-signing certificate necessary for validati...

5.8CVSS0.6AI score0.89436EPSS
Exploits15References18
n0where
n0where
added 2018/11/21 3:41 p.m.81 views

Modular Distributed Fingerprinting Engine: Scannerl

Scannerl is a modular distributed fingerprinting engine implemented by Kudelski Security. Scannerl can fingerprint thousands of targets on a single host, but can just as easily be distributed across multiple hosts. Scannerl is to fingerprinting what zmap is to port scanning. Scannerl works on...

7.5AI score
Exploits0References1
Rows per page
Query Builder