Marvin Attack: potential key recovery through timing sidechannels

Sequential calls of encryption API (encrypt, wrap, and dump) result in nonce reuse

Double Public Key Signing Function Oracle Attack on ed25519-dalek

TLS certificate common name validation bypass

TLS certificate common name validation bypass

aliyun-oss-client secret exposure

Timing Oracle in RSA Decryption

evm incorrect state transition

git2 does not verify SSH keys by default

Using a Custom Cipher with NID_undef may lead to NULL encryption

Post-Quantum Signature scheme Rainbow level I parametersets broken

Post-Quantum Key Encapsulation Mechanism SIKE broken

Safety issues in pkcs11

AES OCB fails to encrypt some bytes

Heap memory corruption with RSA private key operation

Incorrect MAC key used in the RC4-MD5 ciphersuite

OCSP_basic_verify may incorrectly verify the response signing certificate

Timing attack

Miscomputation when performing AES encryption in rust-crypto

Failure to verify the public key of a SignedEnvelope against the PeerId in a PeerRecord

Threshold value is ignored (all shares are n=3)

Miscomputed results when using AVX2 backend

Observable Discrepancy in libsecp256k1-rs

Read buffer overruns processing ASN.1 strings

SM2 Decryption Buffer Overflow

libsecp256k1 allows overflowing signatures

Flaw in FieldVar::mul_by_inverse allows unsound R1CS constraint systems

CA certificate check bypass with X509_V_FLAG_X509_STRICT

Incorrect check on buffer length when seeding RNGs

nanorand 0.5.0 - RNGs failed to generate properly for non-64-bit numbers

ChaCha20 counter overflow can expose repetitions in the keystream

HTTPS MitM vulnerability due to lack of hostname verification

Flaw in CBOR deserializer allows stack overflow

Incorrect implementation of the Streebog hash functions

Flaw in Scalar::check_overflow allows side-channel timing attack

HMAC-BLAKE2 algorithms compute incorrect results