Astra Linux - уязвимость в mbedtls

A issue was discovered in Arm Mbed TLS before version 2.23.0. A side channel allows the recovery of an ECC private key, which is related to functions such as mbedtlsecpcheckpubpriv, mbedtlspkparsekey, mbedtlspkparsekeyfile, mbedtlsecpmul, and mbedtlsecpmulrestartable...

Astra Linux - уязвимость в mbedtls

A vulnerability was discovered in Arm Mbed TLS prior to version 2.24.0. An attacker can obtain a private key for RSA or static Diffie-Hellman through a side-channel attack targeting the generation of base blinding/unblinding values...

Astra Linux - уязвимость в mbedtls

A issue was discovered in Arm Mbed TLS before version 2.24.0. The function mbedtlsx509crlparseder has a buffer over-read of one byte...

Astra Linux - уязвимость в mbedtls

A issue was discovered in Arm Mbed TLS before version 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock...

CVE-2019-18222

The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks...

CVE-2020-12887

Memory leaks were discovered in the CoAP library in Arm Mbed OS 5.15.3 when using the Arm mbed-coap library 5.1.5. The CoAP parser is responsible for parsing received CoAP packets. The function sncoapparseroptionsparse parses the CoAP option number field of all options present in the input packet...

CVE-2021-27435

ARM mbed product Version 6.3.0 is vulnerable to integer wrap-around in mallocwrapper function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...

JLSEC-2025-209 An issue was discovered in Arm Mbed TLS before 2.24.0

An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtlsx509crlparseder has a buffer over-read of one byte...

JLSEC-2025-201 An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15

An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. An attacker that can get precise enough side-channel measurements can recover the long-term ECDSA private key by 1 reconstructing the projective coordinate of the result of scalar multiplication by exploiting side...

JLSEC-2025-207 An issue was discovered in Arm Mbed TLS before 2.24.0

An issue was discovered in Arm Mbed TLS before 2.24.0. An attacker can recover a private key for RSA or static Diffie-Hellman via a side-channel attack against generation of base blinding/unblinding values...

JLSEC-2025-199 The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 doe...

The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks...

JLSEC-2025-206 An issue was discovered in Arm Mbed TLS before 2.23.0

An issue was discovered in Arm Mbed TLS before 2.23.0. A remote attacker can recover plaintext because a certain Lucky 13 countermeasure doesn't properly consider the case of a hardware accelerator...

EUVD-2020-5168

Malware in sbrugna...

EUVD-2020-23951

Malware in sbrugna...

EUVD-2020-23953

Malware in sbrugna...

EUVD-2020-23950

Malware in sbrugna...

EUVD-2020-3346

Malware in sbrugna...

EUVD-2020-5166

Malware in sbrugna...

EUVD-2019-8022

Malware in sbrugna...

EUVD-2018-1320

Malware in sbrugna...