Timing attack

Resource leakage when decoding certificates and keys

Incorrect MAC key used in the RC4-MD5 ciphersuite

OCSP_basic_verify may incorrectly verify the response signing certificate

Miscomputation when performing AES encryption in rust-crypto

Failure to verify the public key of a SignedEnvelope against the PeerId in a PeerRecord

Miscomputed results when using AVX2 backend

SM2 Decryption Buffer Overflow

Read buffer overruns processing ASN.1 strings

libsecp256k1 allows overflowing signatures

Flaw in FieldVar::mul_by_inverse allows unsound R1CS constraint systems

CA certificate check bypass with X509_V_FLAG_X509_STRICT

Incorrect check on buffer length when seeding RNGs

nanorand 0.5.0 - RNGs failed to generate properly for non-64-bit numbers

Observable Discrepancy in libsecp256k1-rs

Threshold value is ignored (all shares are n=3)

ChaCha20 counter overflow can expose repetitions in the keystream

Flaw in Scalar::check_overflow allows side-channel timing attack

Incorrect implementation of the Streebog hash functions

Flaw in CBOR deserializer allows stack overflow

HMAC-BLAKE2 algorithms compute incorrect results

HTTPS MitM vulnerability due to lack of hostname verification