7 matches found

RedHat Linux
added 2026/05/04 2:31 p.m., 5 views

JWCrypto: python-cryptography: python: JWCrypto: Memory exhaustion via crafted compressed JWE tokens

A flaw was found in JWCrypto, a Python library for JSON Web Key (JWK), JSON Web Signature (JWS), and JSON Web Encryption (JWE) specifications. An unauthenticated attacker can exploit this vulnerability by sending specially crafted JWE tokens that use ZIP compression. While the input token size is...

CVSS 5.3, AI score 5.8, EPSS 0.00294
Exploits: 1, References: 5

CNNVD
added 2026/04/08 12:00 a.m., 5 views

cryptography security vulnerability

cryptography is a Python cryptographic authority open-source library. Versions of cryptography from 45.0.0 to 46.0.7 had security vulnerabilities; these vulnerabilities stemmed from improper buffer handling, which could lead to buffer overflows...

CVSS 9.8, AI score 5.9, EPSS 0.00525
Exploits: 0, References: 2

OSV
added 2026/03/20 2:25 p.m., 5 views

OESA-2026-1672 python-cryptography security update

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Security Fixes: This vulnerability exists in the pyca cryptography library due to missing subgroup validation for SECT curves. An attacker could exploit this to perform subgroup attacks,...

CVSS 8.2, AI score 5.8, EPSS 0.00227
Exploits: 0, References: 2

BDU FSTEC
added 2025/04/09 12:00 a.m., 5 views

The vulnerability of the Python RSA cryptographic library, which stems from the use of cryptographic algorithms with defects, allows a perpetrator to gain access to confidential data.

The vulnerability of the Python RSA cryptographic library is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow a malicious actor to gain access to confidential data remotely...

CVSS 7.8, AI score 7.1, EPSS 0.01359
Exploits: 1, References: 9, Affected Software: 3

Microsoft CVE
added 2024/06/30 2:00 p.m., 2 views

Python-cryptography: Bleichenbacher timing oracle attack against RSA decryption - incomplete fix for CVE-2020-25659

...

CVSS 7.5, AI score 6.4, EPSS 0.02454
Exploits: 0

BDU FSTEC
added 2024/05/27 12:00 a.m., 3 views

The vulnerability of the RSA Key Exchange Handler component in the python-cryptography Python programming library allows a perpetrator to expose confidential data.

The vulnerability of the RSA Key Exchange Handler component in the python-cryptography Python programming library is related to uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to disclose confidential data remotely...

CVSS 7.8, AI score 7.1, EPSS 0.01118
Exploits: 0, References: 7, Affected Software: 4

PyPA
added 2020/06/01 7:15 p.m., 4 views

PYSEC-2020-99

Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact, e.g., by helping an attacker to infer that an application uses Python-RSA, or if the length of accepted ciphertext affects application behavior such as by...

CVSS 7.5, AI score 6.9, EPSS 0.01359
Exploits: 1, References: 6, Affected Software: 1