
20 matches found

NVD
added 2026/06/10 10:17 p.m. | 11 views

CVE-2026-46669

OpenVM is a performant and modular zkVM framework built for customization and extensibility. Prior to version 1.6.0, the openvm-pairing guest library's try_honest_pairing_check function invokes Theorem 3 of https://eprint.iacr.org/2024/640.pdf but does not check that the scaling factor s is in a...

CVSS 8.7 | EPSS 0.00226
Exploits: 0 | References: 2
Cvelist
added 2026/06/10 8:09 p.m. | 30 views

CVE-2026-46669 `openvm-pairing` pairing check missing proper subfield check on scaling factor

OpenVM is a performant and modular zkVM framework built for customization and extensibility. Prior to version 1.6.0, the openvm-pairing guest library's try_honest_pairing_check function invokes Theorem 3 of https://eprint.iacr.org/2024/640.pdf but does not check that the scaling factor s is in a...

CVSS 8.7 | EPSS 0.00226
Exploits: 0 | References: 2
Vulnrichment
added 2026/06/10 8:09 p.m. | 8 views

CVE-2026-46669 `openvm-pairing` pairing check missing proper subfield check on scaling factor

OpenVM is a performant and modular zkVM framework built for customization and extensibility. Prior to version 1.6.0, the openvm-pairing guest library's try_honest_pairing_check function invokes Theorem 3 of https://eprint.iacr.org/2024/640.pdf but does not check that the scaling factor s is in a...

CVSS 8.7 | AI score 5.4 | EPSS 0.00226
Exploits: 0 | References: 2
EUVD
added 2026/06/10 8:09 p.m. | 11 views

EUVD-2026-36121

OpenVM is a performant and modular zkVM framework built for customization and extensibility. Prior to version 1.6.0, the openvm-pairing guest library's try_honest_pairing_check function invokes Theorem 3 of https://eprint.iacr.org/2024/640.pdf but does not check that the scaling factor s is in a...

CVSS 8.7 | AI score 5.4 | EPSS 0.00226
Exploits: 0 | References: 2
CVE
added 2026/06/10 8:09 p.m. | 15 views

CVE-2026-46669

OpenVM-pairing vulnerability CVE-2026-46669: the openvm-pairing guest library’s try_honest_pairing_check previously did not verify that the scaling factor s lies in a proper subfield of Fp12, allowing incorrect pairing results. The issue has been patched in version 1.6.0; users should upgrade to ...

CVSS 8.7 | AI score 5.4 | EPSS 0.00226
Exploits: 0 | References: 2 | Affected Software: 1
Positive Technologies
added 2026/06/10 12:00 a.m. | 14 views

PT-2026-48536

Name of the Vulnerable Software and Affected Versions: OpenVM versions prior to 1.6.0. Description: The try_honest_pairing_check function in the openvm-pairing guest library fails to verify that the scaling factor s is within a proper subfield of Fp12. This omission can lead to incorrect results...

CVSS 8.7 | AI score 5.2 | EPSS 0.00226
Exploits: 0 | References: 5
RedhatCVE
added 2026/03/26 2:59 p.m. | 3 views

CVE-2026-31872

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.6 and 8.6.32, the protectedFields class-level permission (CLP) can be bypassed using dot-notation in query WHERE clauses and sort parameters. An attacker can use dot-notation...

CVSS 8.7 | AI score 5.8 | EPSS 0.00367
Exploits: 0 | References: 1
Positive Technologies
added 2026/03/10 12:00 a.m. | 4 views

PT-2026-24635

Impact: An attacker can use a dot-notation field name in combination with the sort query parameter to inject SQL into the PostgreSQL database through improper escaping of sub-field values in dot-notation queries. The vulnerability may also affect queries that use dot-notation field names with t...

CVSS 9.3 | AI score 5.8
Exploits: 0 | References: 5
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2018-8079

Malware in sbrugna...

CVSS 7.5 | AI score 5.8 | EPSS 0.06816
Exploits: 0 | References: 22
Packet Storm News
added 2025/05/15 12:00 a.m. | 2 views

The Tangent Space Attack

We propose a new method for retrieving the algebraic structure of a generic alternant code given an arbitrary generator matrix, provided certain conditions are met. We then discuss how this challenges the security of the McEliece cryptosystem instantiated with this family of codes. The central...

AI score 7.1
Exploits: 0
SUSE CVE
added 2023/02/15 5:03 a.m. | 3 views

SUSE CVE-2016-4416

epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 2.x before 2.0.2 mishandles the Grouping subfield, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet...

CVSS 5.9 | AI score 6.7 | EPSS 0.01062
Exploits: 0 | References: 3
NVD
added 2019/10/03 4:15 p.m. | 19 views

CVE-2018-16227

The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-80211.c for the Mesh Flags subfield...

CVSS 7.5 | AI score 8.7 | EPSS 0.06816
Exploits: 0 | References: 16
Prion
added 2019/10/03 4:15 p.m. | 18 views

Design/Logic Flaw

The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-80211.c for the Mesh Flags subfield...

CVSS 5 | AI score 8.4 | EPSS 0.06816
Exploits: 0 | References: 16 | Affected Software: 6
Cvelist
added 2019/10/03 3:44 p.m. | 22 views

CVE-2018-16227

The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-80211.c for the Mesh Flags subfield...

AI score 8.7 | EPSS 0.06816
Exploits: 0 | References: 16
AlpineLinux
added 2019/10/03 3:44 p.m. | 38 views

CVE-2018-16227

The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-80211.c for the Mesh Flags subfield...

CVSS 7.5 | AI score 8.9 | EPSS 0.06816
Exploits: 0
UbuntuCve
added 2019/09/30 12:00 a.m. | 21 views

CVE-2018-16227

The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-80211.c for the Mesh Flags subfield...

CVSS 7.5 | AI score 6.6 | EPSS 0.06816
Exploits: 0 | References: 4
OSV
added 2016/05/01 1:59 a.m. | 5 views

CVE-2016-4416

epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 2.x before 2.0.2 mishandles the Grouping subfield, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet...

CVSS 5.9 | AI score 6.6
Exploits: 0 | References: 2
OSV
added 2016/05/01 1:59 a.m. | 2 views

DEBIAN-CVE-2016-4416

epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 2.x before 2.0.2 mishandles the Grouping subfield, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet...

CVSS 5.9 | AI score 6.2 | EPSS 0.01062
Exploits: 0 | References: 1
OSV
added 2016/05/01 1:59 a.m. | 3 views

UBUNTU-CVE-2016-4416

epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 2.x before 2.0.2 mishandles the Grouping subfield, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet...

CVSS 5.9 | AI score 6.6 | EPSS 0.01062
Exploits: 0 | References: 4
Cvelist
added 2016/05/01 1:00 a.m. | 26 views

CVE-2016-4416

epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 2.x before 2.0.2 mishandles the Grouping subfield, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet...

AI score 5.6 | EPSS 0.01062
Exploits: 0 | References: 2