Lucene search
K

5 matches found

CVE
CVE
added 2026/04/28 6:9 p.m.12 views

CVE-2026-41402

OpenClaw OpenClaw (npm package) is affected by CVE-2026-41402. The vulnerability is a webhook replay cache deduplication scope bypass that lets authenticated attackers replay messages across sibling targets using the same messageId. The issue arises from overly broad cache keying, enabling bypass...

5.4CVSS5.3AI score0.00266EPSS
Exploits0References3Affected Software1
Microsoft CVE
Microsoft CVE
added 2025/09/04 12:38 a.m.9 views

Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the same message many times. (For Mbed TLS, the fix is also available in versions 2.7.12 and 2.16.3.)

...

5.3CVSS7AI score0.01773EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-16910

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might...

5.3CVSS5.8AI score0.01773EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/04/18 12:0 a.m.6 views

Breaking ECDSA with Two Affinely Related Nonces

The security of the Elliptic Curve Digital Signature Algorithm ECDSA depends on the uniqueness and secrecy of the nonce, which is used in each signature. While it is well understood that nonce $k$ reuse across two distinct messages can leak the private key, we show that even if a distinct value i...

6.9AI score
Exploits0
CNVD
CNVD
added 2015/09/06 12:0 a.m.8 views

IBM WebSphere MQ MQI Call Target Channel Agent Crash Vulnerability

IBM WebSphere MQ is a solution for providing messaging services in the enterprise. A security vulnerability exists in IBM WebSphere MQ that allows a remote user to send a special MQI call to crash the target channel agent, stopping processing on other channels running under the same MCA...

5CVSS6.8AI score0.02365EPSS
Exploits0References1
Rows per page
Query Builder