Bias of Polynomial Coefficients in Secret Sharing

Ambiguous challenge derivation

Ambiguous challenge derivation

Ambiguous challenge derivation

olm-sys: wrapped library unmaintained, potentially vulnerable

UserIdentity::is_verified not checking verification status of own user identity while performing the check

Usage of non-constant time base64 decoder could lead to leakage of secret key material

Timing variability in curve25519-dalek's Scalar29::sub/Scalar52::sub

Reduced entropy due to inadequate character set usage

KyberSlash: division timings depending on secrets

Unauthenticated Nonce Increment in snow

Improper comparison of different-length signatures

Marvin Attack: potential key recovery through timing sidechannels

Sequential calls of encryption API (encrypt, wrap, and dump) result in nonce reuse

Double Public Key Signing Function Oracle Attack on ed25519-dalek

TLS certificate common name validation bypass

TLS certificate common name validation bypass

aliyun-oss-client secret exposure

Timing Oracle in RSA Decryption

evm incorrect state transition

git2 does not verify SSH keys by default

Using a Custom Cipher with NID_undef may lead to NULL encryption

Post-Quantum Signature scheme Rainbow level I parametersets broken

Post-Quantum Key Encapsulation Mechanism SIKE broken

Safety issues in pkcs11

Heap memory corruption with RSA private key operation

AES OCB fails to encrypt some bytes

OCSP_basic_verify may incorrectly verify the response signing certificate

Incorrect MAC key used in the RC4-MD5 ciphersuite

Timing attack

Miscomputation when performing AES encryption in rust-crypto

Failure to verify the public key of a SignedEnvelope against the PeerId in a PeerRecord

Threshold value is ignored (all shares are n=3)

Miscomputed results when using AVX2 backend

Observable Discrepancy in libsecp256k1-rs

Read buffer overruns processing ASN.1 strings

SM2 Decryption Buffer Overflow

libsecp256k1 allows overflowing signatures

Flaw in FieldVar::mul_by_inverse allows unsound R1CS constraint systems

CA certificate check bypass with X509_V_FLAG_X509_STRICT

Incorrect check on buffer length when seeding RNGs

nanorand 0.5.0 - RNGs failed to generate properly for non-64-bit numbers

HTTPS MitM vulnerability due to lack of hostname verification

Incorrect implementation of the Streebog hash functions

HMAC-BLAKE2 algorithms compute incorrect results

Flaw in CBOR deserializer allows stack overflow

ChaCha20 counter overflow can expose repetitions in the keystream

Flaw in Scalar::check_overflow allows side-channel timing attack