Lucene search
K

11 matches found

Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.14 views

PT-2026-49531

Name of the Vulnerable Software and Affected Versions Crypt::DSA versions prior to 1.21 Description The software reuses the nonce across signatures, which can lead to the recovery of the private key. The sign function in the Crypt::DSA::sign module caches the per-signature nonce material within t...

5.3AI score0.00289EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.7 views

PT-2026-36003

Name of the Vulnerable Software and Affected Versions wget2 affected versions not specified Description An issue exists where the software accepts server certificates with incorrect Key Usage KU or Extended Key Usage EKU. This could allow an attacker who has compromised a certificate and its...

4.8CVSS5.2AI score0.00155EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-17547

Malware in sbrugna...

7.5CVSS7.5AI score0.01377EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2017-1552

Malware in sbrugna...

5.9CVSS5.9AI score0.01565EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2024-31497

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in...

5.9CVSS7.1AI score0.05773EPSS
Exploits0References3
Veracode
Veracode
added 2024/12/02 10:32 a.m.9 views

OT-based ECDSA Protocol Implementation Flaws

github.com/taurusgroup/multi-party-sig is vulnerable to OT-based ECDSA protocol implementation flaws. The vulnerability is due to improper handling of Oblivious Transfer OT operations, allowing an attacker to exploit weaknesses in the OT implementation to compromise private keys or forge digital...

7AI score
Exploits0
OSV
OSV
added 2024/04/19 12:53 p.m.9 views

OPENSUSE-SU-2024:0111-1 Security update for putty

This update for putty fixes the following issues: Update to release 0.81 Fix CVE-2024-31497: NIST P521 / ecdsa-sha2-nistp521 signatures are no longer generated with biased values of k. The previous bias compromises private keys...

5.9CVSS6.7AI score0.05773EPSS
Exploits0References2
PyPA
PyPA
added 2012/06/17 3:41 a.m.7 views

PYSEC-2012-16

PyCrypto before 2.6 does not produce appropriate prime numbers when using an ElGamal scheme to generate a key, which reduces the signature space or public key space and makes it easier for attackers to conduct brute force attacks to obtain the private key...

4.3CVSS6.7AI score0.02727EPSS
Exploits2References15Affected Software1
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.33 views

Mandrake Linux Security Advisory : gnupg (MDKSA-2003:109)

A severe vulnerability was discovered in GnuPG by Phong Nguyen relating to ElGamal sign+encrypt keys. From Werner Koch's email message : 'Phong Nguyen identified a severe bug in the way GnuPG creates and uses ElGamal keys for signing. This is a significant security failure which can lead to a...

5CVSS5.5AI score0.02854EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2003/11/27 12:0 a.m.28 views

ElGamal sign+encrypt keys created by GnuPG can be compromised

Any ElGamal sign+encrypt keys created by GnuPG contain a cryptographic weakness that may allow someone to obtain the private key. These keys should be considered unusable and should be revoked. The following summary was written by Werner Koch, GnuPG author: Phong Nguyen identified a severe bug in...

5CVSS6.2AI score0.02854EPSS
Exploits1References1
securityvulns
securityvulns
added 2002/04/29 12:0 a.m.33 views

GOST 34.10/GOST 34.19 digital signature weakness

There is a weakness leading to ability to create "universal" signature without having a key. Also, it's possible to spoof content in case more than one key is allowed. It's also possible to deliberately create "weak" signature which will lead to private key compromise...

3.6AI score
Exploits0References2
Rows per page
Query Builder