Lucene search
K

193 matches found

NVD
NVD
added 2026/01/29 4:16 p.m.8 views

CVE-2025-62514

Parsec is a cloud-based application for cryptographically secure file sharing. In versions on the 3.x branch prior to 3.6.0, libparseccrypto, a component of the Parsec application, does not check for weak order point of Curve25519 when compiled with its RustCrypto backend. In practice this means ...

8.3CVSS0.0026EPSS
Exploits1References5
OSV
OSV
added 2026/01/29 3:46 p.m.8 views

CVE-2025-62514 `libparsec_crypto` does not check for weak order point of curve 25519

Parsec is a cloud-based application for cryptographically secure file sharing. In versions on the 3.x branch prior to 3.6.0, libparseccrypto, a component of the Parsec application, does not check for weak order point of Curve25519 when compiled with its RustCrypto backend. In practice this means ...

8.3CVSS5.9AI score0.0026EPSS
Exploits1References7
Cvelist
Cvelist
added 2026/01/29 3:46 p.m.30 views

CVE-2025-62514 `libparsec_crypto` does not check for weak order point of curve 25519

Parsec is a cloud-based application for cryptographically secure file sharing. In versions on the 3.x branch prior to 3.6.0, libparseccrypto, a component of the Parsec application, does not check for weak order point of Curve25519 when compiled with its RustCrypto backend. In practice this means ...

8.3CVSS0.0026EPSS
Exploits1References5
EUVD
EUVD
added 2026/01/29 3:46 p.m.9 views

EUVD-2025-206513

Parsec is a cloud-based application for cryptographically secure file sharing. In versions on the 3.x branch prior to 3.6.0, libparseccrypto, a component of the Parsec application, does not check for weak order point of Curve25519 when compiled with its RustCrypto backend. In practice this means ...

8.3CVSS5.9AI score0.0026EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/01/29 3:46 p.m.6 views

CVE-2025-62514 `libparsec_crypto` does not check for weak order point of curve 25519

Parsec is a cloud-based application for cryptographically secure file sharing. In versions on the 3.x branch prior to 3.6.0, libparseccrypto, a component of the Parsec application, does not check for weak order point of Curve25519 when compiled with its RustCrypto backend. In practice this means ...

8.3CVSS5.9AI score0.0026EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/01/29 3:46 p.m.5 views

CVE-2025-62514

Parsec is a cloud-based application for cryptographically secure file sharing. In versions on the 3.x branch prior to 3.6.0, libparseccrypto, a component of the Parsec application, does not check for weak order point of Curve25519 when compiled with its RustCrypto backend. In practice this means ...

8.3CVSS5.9AI score0.0026EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2026/01/29 3:46 p.m.17 views

CVE-2025-62514

Parsec’s 3.x web component libparsec_crypto (RustCrypto backend) does not verify weak order points for Curve25519 in versions before 3.6.0. An attacker in a MITM could supply weak order points to both parties during Diffie-Hellman, increasing the chance that both ends derive the same shared key a...

8.3CVSS5.9AI score0.0026EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/29 12:0 a.m.10 views

PT-2026-5304

Name of the Vulnerable Software and Affected Versions Parsec versions prior to 3.6.0 Description Parsec is a cloud-based application for cryptographically secure file sharing. In versions on the 3.x branch prior to 3.6.0, the libparsec crypto component does not check for weak order points of...

8.3CVSS5.9AI score0.0026EPSS
Exploits1References11
CNNVD
CNNVD
added 2026/01/29 12:0 a.m.10 views

parsec-cloud security vulnerability

Parsec-Cloud is a file sharing tool developed by Scille. Versions of Parsec-Cloud prior to 3.6.0 contained security vulnerabilities. These vulnerabilities stemmed from the lack of checks on weak points in the Curve25519 algorithm by the libparseccrypto component, which could lead to...

8.3CVSS5.8AI score0.0026EPSS
Exploits1References6
OSV
OSV
added 2025/12/22 11:44 a.m.4 views

OPENSUSE-SU-2025:20175-1 Security update for mariadb

This update for mariadb fixes the following issues: - Update to 11.8.5: CVE-2025-13699: Fixed Directory Traversal Remote Code Execution Vulnerability bsc1254313 Other fixes: - Add %license tags to license files bsc1252162 - Add INSTALLDOCREADMEDIR cmake flag to install readme and license files -...

7CVSS5.8AI score0.00414EPSS
Exploits0References5
OSV
OSV
added 2025/12/22 11:13 a.m.2 views

SUSE-SU-2026:20018-1 Security update for mariadb

This update for mariadb fixes the following issues: - Update to 11.8.5: CVE-2025-13699: Fixed Directory Traversal Remote Code Execution Vulnerability bsc1254313 Other fixes: - Add %license tags to license files bsc1252162 - Add INSTALLDOCREADMEDIR cmake flag to install readme and license files -...

7CVSS5.8AI score0.00414EPSS
Exploits0References6
Snyk
Snyk
added 2025/12/16 10:32 p.m.4 views

Malicious Package

Overview ts-parsec-repo is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.9AI score
Exploits0References2
OSV
OSV
added 2025/11/13 3:23 a.m.3 views

MAL-2025-188567 Malicious code in parsec-barnard-indus-vuepress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector acf67cd6c7d272b18c189b6a696b3683ce668ba0405360dd3850a0a83726854d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.4 views

Malicious code in parsec-barnard-indus-vuepress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector acf67cd6c7d272b18c189b6a696b3683ce668ba0405360dd3850a0a83726854d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.8 views

Malicious code in parsec-oauth-jsonp-eslint-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e65d8b51f1ca029d90bb2f910e5f3d92bdc1573cc4f996ae4858417ff3dfd2b5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.6 views

EUVD-2025-177391

Malicious code in package-eventhoriz-gammarayburst-parsec npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.5 views

EUVD-2025-177508

Malicious code in nuxtjs-ionosphere-parsec-cosmology npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.5 views

EUVD-2025-179553

Malicious code in cosmiconfig-fermiparadox-parsec-forever npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.5 views

EUVD-2025-178807

Malicious code in futurology-fermiparadox-parsec-publish npm...

6.6AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.2 views

MAL-2025-188374 Malicious code in nuxtjs-ionosphere-parsec-cosmology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fc3f9da4423ef958a565eaf87c9128d968bf1ebf01edc912b405a408b76df87 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
Rows per page
Query Builder