18 matches found

AstraLinux, added 2026/05/20 5:53 a.m., 7 views

Astra Linux - vulnerability in openssl

Issue summary: A timing side-channel that could potentially allow the recovery of the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDSA signature computations could allow an attacker to recover the private key. However, measuring the timing woul...

CVSS 4.1 | AI score 6.7 | EPSS 0.00075 | Exploits 0 | References 2
OSV, added 2025/11/21 11:15 p.m., 3 views

CVE-2025-11934

Improper input validation in the TLS 1.3 CertificateVerify signature algorithm negotiation in wolfSSL 5.8.2 and earlier on multiple platforms allows for downgrading the signature algorithm used. For example when a client sends ECDSA P521 as the supported signature algorithm the server previously...

CVSS 2.7 | AI score 6.7 | Exploits 0 | References 2
OSV, added 2025/11/21 11:15 p.m., 1 view

UBUNTU-CVE-2025-11934

Improper input validation in the TLS 1.3 CertificateVerify signature algorithm negotiation in wolfSSL 5.8.2 and earlier on multiple platforms allows for downgrading the signature algorithm used. For example when a client sends ECDSA P521 as the supported signature algorithm the server previously...

CVSS 2.7 | AI score 5.8 | EPSS 0.00018 | Exploits 0 | References 4
AlpineLinux, added 2025/11/21 10:12 p.m., 3 views

CVE-2025-11934

Improper input validation in the TLS 1.3 CertificateVerify signature algorithm negotiation in wolfSSL 5.8.2 and earlier on multiple platforms allows for downgrading the signature algorithm used. For example when a client sends ECDSA P521 as the supported signature algorithm the server previously...

CVSS 2.7 | AI score 6.7 | EPSS 0.00018 | Exploits 0
Positive Technologies, added 2025/11/21 12:00 a.m., 3 views

PT-2025-47811

Name of the Vulnerable Software and Affected Versions wolfSSL versions 5.8.2 and earlier Description A flaw exists in the TLS 1.3 CertificateVerify signature algorithm negotiation within wolfSSL. This issue allows for a downgrade in the signature algorithm used during the TLS handshake...

CVSS 2.7 | AI score 6.4 | EPSS 0.00018 | Exploits 0 | References 11
Tenable Nessus, added 2025/11/20 12:00 a.m., 2 views

TencentOS Server 4: openssl (TSSA-2025:0640)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0640 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVSS 4.1 | AI score 6.4 | EPSS 0.00075 | Exploits 0 | References 2
Microsoft CVE, added 2025/09/03 9:29 p.m., 3 views

Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows attackers to cause a denial of service (CPU consumption) or possibly conduct ECDH private key recovery attacks.

...

CVSS 8.2 | AI score 7 | EPSS 0.00598 | Exploits 0
OSV, added 2025/03/14 3:46 p.m., 2 views

OESA-2025-1287 compat-openssl11 security update

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation...

CVSS 4.1 | AI score 6.1 | EPSS 0.00075 | Exploits 0 | References 2
Amazon, added 2025/03/06 12:00 a.m., 3 views

Medium: openssl11

Issue Overview: Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDSA signature computations could allow recovering the private key by an attacker. However, measuring...

CVSS 4.1 | AI score 6.2 | EPSS 0.00075 | Exploits 0
SUSE Linux, added 2025/02/03 8:51 a.m., 1 view

Security update for mozilla-nss

This update for mozilla-nss fixes the following issues: update to NSS 3.101.2 ChaChaXor to return after the function update to NSS 3.101.1 missing sqlite header. GLOBALTRUST 2020: Set Distrust After for TLS and S/MIME. update to NSS 3.101 add diagnostic assertions for SFTKObject refcount. freeing...

CVSS 6.5 | AI score 10 | EPSS 0.00245 | Exploits 0 | References 44
OSV, added 2025/01/20 2:15 p.m., 1 view

ALPINE-CVE-2024-13176

Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDSA signature computations could allow recovering the private key by an attacker. However, measuring the timing would...

CVSS 4.1 | AI score 6.1 | EPSS 0.00075 | Exploits 0 | References 1
OSV, added 2025/01/20 2:15 p.m., 2 views

AZL-78537 CVE-2024-13176 affecting package openssl-fips-provider 3.1.2-1

Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDSA signature computations could allow recovering the private key by an attacker. However, measuring the timing would...

CVSS 4.1 | AI score 6.5 | EPSS 0.00075 | Exploits 0 | References 1
OpenVAS, added 2024/04/20 12:00 a.m., 16 views

openSUSE Security Advisory (openSUSE-SU-2024:0111-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 5.9 | AI score 5.9 | EPSS 0.23269 | Exploits 0 | References 2
Oracle Linux, added 2024/04/19 12:00 a.m., 34 views

nss security update

3.90.0-6fips - Add FIPS package change: add fips suffix to Release and set Epoch to 10 Orabug: 35862190 - Update FIPS module name for Oracle Linux Orabug: 35862190 3.90.0-6 - Fix ecc DER wrapping. 3.90.0-5 - Pick up validated constant time implementations of p256, p384, and p521 from upstream - Mo...

CVSS 4.3 | AI score 7 | EPSS 0.00245 | Exploits 0
OSV, added 2024/04/15 8:15 p.m., 1 view

ALPINE-CVE-2024-31497

In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant...

CVSS 5.9 | AI score 6.5 | EPSS 0.23269 | Exploits 0 | References 1
FreeBSD, added 2024/04/01 12:00 a.m., 35 views

PuTTY and embedders (f.i., filezilla) -- biased RNG with NIST P521/ecdsa-sha2-nistp521 signatures permits recovering private key

Simon Tatham reports: ECDSA signatures using 521-bit keys (the NIST P521 curve, otherwise known as ecdsa-sha2-nistp521) were generated with biased random numbers. This permits an attacker in possession of a few dozen signatures to RECOVER THE PRIVATE KEY. Any 521-bit ECDSA private key that PuTTY or...

CVSS 5.9 | AI score 6.7 | EPSS 0.23269 | Exploits 0 | References 5
OSV, added 2019/01/24 5:29 a.m., 2 views

AZL-79018 CVE-2019-6486 affecting package golang 1.25.7-1

Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows attackers to cause a denial of service (CPU consumption) or possibly conduct ECDH private key recovery attacks...

CVSS 8.2 | AI score 7.2 | EPSS 0.00598 | Exploits 0 | References 1
OSV, added 2016/05/13 2:59 p.m., 0 views

UBUNTU-CVE-2016-2196

Heap-based buffer overflow in the P-521 reduction function in Botan 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (memory overwrite and crash) or execute arbitrary code via unspecified vectors...

CVSS 9.8 | AI score 7.9 | EPSS 0.04605 | Exploits 0 | References 3