12 matches found
EUVD-2021-27196
Malware in sbrugna...
CVE-2021-40006
Vulnerability of design defects in the security algorithm component. Successful exploitation of this vulnerability may affect confidentiality...
Announcing the $12k NIST Elliptic Curves Seeds Bounty
The NIST elliptic curves that power much of modern cryptography were generated in the late '90s by hashing seeds provided by the NSA. How were the seeds generated? Rumor has it that they are in turn hashes of English sentences, but the person who picked them, Dr. Jerry Solinas, passed away in ear...
GHSA-978J-88F3-P5J3 Threshold value is ignored (all shares are n=3)
Affected versions of this crate did not properly calculate secret shares requirements. This reduces the security of the algorithm by restricting the crate to always using a threshold value of three, rather than a configurable limit. The flaw was corrected by correctly configuring the threshold...
CVE-2021-40006
Vulnerability of design defects in the security algorithm component. Successful exploitation of this vulnerability may affect confidentiality...
CVE-2021-40006
Vulnerability of design defects in the security algorithm component. Successful exploitation of this vulnerability may affect confidentiality...
Design/Logic Flaw
Vulnerability of design defects in the security algorithm component. Successful exploitation of this vulnerability may affect confidentiality...
CVE-2021-40006
Vulnerability of design defects in the security algorithm component. Successful exploitation of this vulnerability may affect confidentiality...
PT-2022-11130 · Huawei · Emui +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue concerns design defects in the security algorithm component. Successful exploitation may affect confidentiality. Recommendations: At the moment, there is no information...
BillQuick Web Suite txtID SQLi
This module exploits a SQL injection vulnerability in BillQUick Web Suite prior to version 22.0.9.1. The application is .net based, and the database is required to be MSSQL. Luckily the website gives error based SQLi messages, so it is trivial to pull data from the database. However the webapp us...
Microsoft Cutting Off SHA-1 Support in February for Edge, IE 11
Microsoft confirmed that Feb. 14, 2017 is the cutoff date for SHA-1 support in its Microsoft Edge and Internet Explorer 11 browsers. After that date, neither browser will immediately load sites still running SHA-1 certificates and users will be shown an invalid certificate warning. Users will als...
Critical: Red Hat Security Advisory: java-1.8.0-oracle security update
Updated java-1.8.0-oracle packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...