Lucene search
K

119 matches found

Packet Storm News
Packet Storm News
added 2025/07/23 12:0 a.m.4 views

On One-Shot Signatures, Quantum Vs Classical Binding, and Obfuscating Permutations

One-shot signatures OSS were defined by Amos, Georgiou, Kiayias, and Zhandry STOC'20. These allow for signing exactly one message, after which the signing key self-destructs, preventing a second message from ever being signed. While such an object is impossible classically, Amos et al observe tha...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/08 12:0 a.m.3 views

A Novel APVD Steganography Technique Incorporating Pseudorandom Pixel Selection for Robust Image Security

Steganography is the process of embedding secret information discreetly within a carrier, ensuring secure exchange of confidential data. The Adaptive Pixel Value Differencing APVD steganography method, while effective, encounters certain challenges like the "unused blocks" issue. This problem can...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/25 12:0 a.m.5 views

PrivacyGo: Privacy-Preserving Ad Measurement with Multidimensional Intersection

This paper tackles the challenging and practical problem of multi-identifier private user profile matching for privacy-preserving ad measurement, a cornerstone of modern advertising analytics. We introduce a comprehensive cryptographic framework leveraging reversed Oblivious Pseudorandom Function...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/02 12:0 a.m.6 views

Black-Box Crypto Is Useless for Pseudorandom Codes

A pseudorandom code is a keyed error-correction scheme with the property that any polynomial number of encodings appear random to any computationally bounded adversary. We show that the pseudorandomness of any code tolerating a constant rate of random errors cannot be based on black-box reduction...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/26 12:0 a.m.4 views

Parallel Kac'S Walk Generates PRU

Ma and Huang recently proved that the PFC construction, introduced by Metger, Poremba, Sinha and Yuen MPSY24, gives an adaptive-secure pseudorandom unitary family PRU. Their proof developed a new path recording technique MH24. In this work, we show that a linear number of sequential repetitions o...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 8:31 p.m.5 views

CVE-2021-23020

The NAAS 3.x before 3.10.0 API keys were generated using an insecure pseudo-random string and hashing algorithm which could lead to predictable keys...

5.5CVSS6.9AI score0.00255EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/05/13 12:0 a.m.3 views

Lightweight Hybrid Block-Stream Cryptographic Algorithm for the Internet of Things

In this thesis, a novel lightweight hybrid encryption algorithm named SEPAR is proposed, featuring a 16-bit block length and a 128-bit initialization vector. The algorithm is designed specifically for application in Internet of Things IoT technology devices. The design concept of this algorithm i...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/11 12:0 a.m.4 views

Standing Firm in 5G: a Single-Round, Dropout-Resilient Secure Aggregation for Federated Learning

Federated learning FL is well-suited to 5G networks, where many mobile devices generate sensitive edge data. Secure aggregation protocols enhance privacy in FL by ensuring that individual user updates reveal no information about the underlying client data. However, the dynamic and large-scale...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/24 12:0 a.m.2 views

Near-Term Pseudorandom and Pseudoresource Quantum States

Whitepaper called Near-Term Pseudorandom And Pseudoresource Quantum States...

7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/04/15 12:0 a.m.8 views

The vulnerability of the SSH client ssh-agent on Jenkins automation servers is related to errors in the code of the pseudorandom number generator used for generating host keys. This vulnerability allows a attacker to execute a “man-in-the-middle” type attack.

The vulnerability of the SSH client ssh-agent on Jenkins automation servers is related to errors in the code of the pseudorandom number generator used for generating host keys. Exploiting this vulnerability could allow a remote attacker to execute a “man-in-the-middle” type attack...

9.4CVSS5.8AI score0.00449EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/15 12:0 a.m.6 views

The vulnerability of the SSH client ssh-slave in Jenkins automation servers arises from errors in the code of the pseudorandom number generator used for generating host keys. This vulnerability allows an attacker to execute a “man-in-the-middle” type attack.

The vulnerability of the SSH client ssh-slave in Jenkins automation servers is related to errors in the code of the pseudorandom number generator used for generating host keys. Exploiting this vulnerability allows a remote attacker to execute a “man-in-the-middle” type attack...

9.4CVSS5.8AI score0.00449EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2025/02/13 10:12 a.m.0 views

Security update for ovmf

This update for ovmf fixes the following issues: CVE-2024-1298: potential division-by-zero crash in edk2 due to UINT32 overflow in S3 ResumeCount. bsc1225889 CVE-2023-45229: out-of-bounds read in edk2 when processing IANA/IATA options in DHCPv6 Advertise messages. bsc1218879 CVE-2023-45230: buffe...

8.3CVSS7.3AI score0.02084EPSS
Exploits1References40
OSV
OSV
added 2025/02/13 10:12 a.m.7 views

SUSE-SU-2025:0503-1 Security update for ovmf

This update for ovmf fixes the following issues: - CVE-2024-1298: potential division-by-zero crash in edk2 due to UINT32 overflow in S3 ResumeCount. bsc1225889 - CVE-2023-45229: out-of-bounds read in edk2 when processing IANA/IATA options in DHCPv6 Advertise messages. bsc1218879 - CVE-2023-45230:...

8.8CVSS7.2AI score0.02084EPSS
Exploits1References21
Tenable Nessus
Tenable Nessus
added 2025/02/12 12:0 a.m.13 views

SUSE SLES15 / openSUSE 15 Security Update : ovmf (SUSE-SU-2025:0421-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0421-1 advisory. - CVE-2023-45229: out-of-bounds read in edk2 when processing IANA/IATA options in DHCPv6 Advertise messages. bsc12188...

8.8CVSS7.9AI score0.02084EPSS
Exploits1References28
Tenable Nessus
Tenable Nessus
added 2025/02/12 12:0 a.m.9 views

SUSE SLES15 Security Update : ovmf (SUSE-SU-2025:0407-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0407-1 advisory. - CVE-2023-45229: out-of-bounds read in edk2 when processing IANA/IATA options in DHCPv6 Advertise messages. bsc1218879 -...

8.8CVSS8AI score0.02084EPSS
Exploits1References28
OSV
OSV
added 2025/02/11 10:28 a.m.13 views

SUSE-SU-2025:0421-1 Security update for ovmf

This update for ovmf fixes the following issues: - CVE-2023-45229: out-of-bounds read in edk2 when processing IANA/IATA options in DHCPv6 Advertise messages. bsc1218879 - CVE-2023-45230: buffer overflow in the DHCPv6 client in edk2 via a long Server ID option. bsc1218880 - CVE-2023-45231:...

8.8CVSS8.6AI score0.02084EPSS
Exploits1References19
OSV
OSV
added 2025/02/10 1:56 p.m.11 views

SUSE-SU-2025:0407-1 Security update for ovmf

This update for ovmf fixes the following issues: - CVE-2023-45229: out-of-bounds read in edk2 when processing IANA/IATA options in DHCPv6 Advertise messages. bsc1218879 - CVE-2023-45230: buffer overflow in the DHCPv6 client in edk2 via a long Server ID option. bsc1218880 - CVE-2023-45231:...

8.8CVSS7AI score0.02084EPSS
Exploits1References19
OSV
OSV
added 2025/01/06 7:23 p.m.15 views

GHSA-237R-R8M4-4Q88 Guzzle OAuth Subscriber has insufficient nonce entropy

Impact Nonce generation does not use sufficient entropy nor a cryptographically secure pseudorandom source https://github.com/guzzle/oauth-subscriber/blob/0.8.0/src/Oauth1.phpL192. This can leave servers vulnerable to replay attacks when TLS is not used. Patches Upgrade to version 0.8.1 or higher...

6.3CVSS4.9AI score0.00443EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2024/10/07 12:0 a.m.9 views

Fedora: Security Advisory (FEDORA-2024-d940f25a53)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.00432EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2024/10/07 12:0 a.m.7 views

Fedora: Security Advisory (FEDORA-2024-63f98f8c60)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.00432EPSS
Exploits0References4
Rows per page
Query Builder