CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

117 matches found

Cvelist•added 2013/12/20 9:0 p.m.•29 views

CVE-2013-4576

GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions with certain patterns that introduce a side channel, which allows physically proximate attackers to extract RSA keys via a chosen-ciphertext attack and acoustic cryptanalysis during decryption. NOTE: applications are not...

5.8AI score0.00451EPSS

Exploits0References12

Ubuntu•added 2013/12/18 7:42 p.m.•62 views

USN-2059-1: GnuPG vulnerability

Daniel Genkin, Adi Shamir, and Eran Tromer discovered that GnuPG was susceptible to an adaptive chosen ciphertext attack via acoustic emanations. A local attacker could use this attack to possibly recover private keys...

2.1CVSS6.7AI score0.00451EPSS

Exploits0

UbuntuCve•added 2013/12/18 12:0 a.m.•28 views

CVE-2013-4576

2.1CVSS6.8AI score0.00451EPSS

Exploits0References4

FreeBSD•added 2013/12/18 12:0 a.m.•43 views

gnupg -- RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis attack

Werner Koch reports: CVE-2013-4576 has been assigned to this security bug. The paper describes two attacks. The first attack allows to distinguish keys: An attacker is able to notice which key is currently used for decryption. This is in general not a problem but may be used to reveal the...

2.1CVSS6AI score0.00451EPSS

Exploits0References1

RedHat Linux•added 2013/02/26 6:7 p.m.•3 views

jbossws: Prone to character encoding pattern attack (XML Encryption flaw)

The W3C XML Encryption Standard, as used in the JBoss Web Services JBossWS component in JBoss Enterprise Portal Platform before 5.2.2 and other products, when using block ciphers in cipher-block chaining CBC mode, allows remote attackers to obtain plaintext data via a chosen-ciphertext attack on...

5CVSS6.5AI score0.02587EPSS

Exploits0References4

RedHat Linux•added 2013/02/14 6:28 p.m.•3 views

jbossws: Prone to character encoding pattern attack (XML Encryption flaw)

5CVSS6.5AI score0.02587EPSS

Exploits0References4

RedHat Linux•added 2013/01/31 7:31 p.m.•5 views

jbossws: Prone to character encoding pattern attack (XML Encryption flaw)

5CVSS6.5AI score0.02587EPSS

Exploits0References4

RedHat Linux•added 2013/01/31 7:31 p.m.•6 views

jbossws: Prone to Bleichenbacher attack against to be distributed symmetric key

A flaw was found in JBoss web services where the services used a weak symmetric encryption protocol, PKCS1 v1.5. An attacker could use this weakness in chosen-ciphertext attacks to recover the symmetric key and conduct further attacks...

5.9CVSS6.5AI score0.01756EPSS

Exploits0References5

RedHat Linux•added 2013/01/24 7:6 p.m.•4 views

jbossws: Prone to character encoding pattern attack (XML Encryption flaw)

5CVSS6.5AI score0.02587EPSS

Exploits0References4

RedHat Linux•added 2013/01/24 6:44 p.m.•109 views

Important: Red Hat Security Advisory: JBoss Enterprise Web Platform 5.2.0 update

Updated JBoss Enterprise Web Platform 5.2.0 packages that fix multiple security issues, various bugs, and add several enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability...

10CVSS7.7AI score0.15561EPSS

Exploits7References17

RedHat Linux•added 2013/01/24 6:28 p.m.•4 views

jbossws: Prone to character encoding pattern attack (XML Encryption flaw)

5CVSS6.5AI score0.02587EPSS

Exploits0References4

RedHat Linux•added 2013/01/24 6:27 p.m.•3 views

jbossws: Prone to Bleichenbacher attack against to be distributed symmetric key

5.9CVSS6.5AI score0.01756EPSS

Exploits0References5

NVD•added 2012/11/23 8:55 p.m.•20 views

CVE-2011-1096

5CVSS5.5AI score0.02587EPSS

Exploits0References31

Prion•added 2012/11/23 8:55 p.m.•19 views

Input validation

5CVSS6.8AI score0.02587EPSS

Exploits0References31Affected Software1

Cvelist•added 2012/11/23 8:0 p.m.•46 views

CVE-2011-1096

5.5AI score0.02587EPSS

Exploits0References31

CVE•added 2012/11/23 8:0 p.m.•90 views

CVE-2011-1096

CVE-2011-1096 affects the W3C XML Encryption usage in the JBoss Web Services CXF stack (jbossws-cxf) within JBoss Enterprise Portal Platform before 5.2.2 and other products. The root cause is CBC-mode block ciphers enabling a chosen-ciphertext attack on SOAP responses, allowing an attacker to rec...

5CVSS5.6AI score0.02587EPSS

Exploits0References31Affected Software1

Positive Technologies•added 2012/11/23 12:0 a.m.•3 views

PT-2012-1508 · Red Hat · Jboss Enterprise Portal Platform +1

Name of the Vulnerable Software and Affected Versions: JBoss Enterprise Portal Platform versions prior to 5.2.2 Description: The issue allows remote attackers to obtain plaintext data via a chosen-ciphertext attack on SOAP responses. This is related to the use of block ciphers in cipher-block...

5CVSS5.7AI score0.02587EPSS

Exploits0References32

RedHat Linux•added 2012/10/03 3:8 p.m.•2 views

jbossws: Prone to character encoding pattern attack (XML Encryption flaw)

5CVSS6.5AI score0.02587EPSS

Exploits0References4

RedHat Linux•added 2012/09/24 3:52 p.m.•1 views

openssl: CMS and PKCS#7 Bleichenbacher attack

The implementation of Cryptographic Message Syntax CMS and PKCS 7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for context-dependent attackers to decrypt data via a Million Message Attack MMA adaptive chosen ciphertext...

5CVSS7.2AI score0.13075EPSS

Exploits0References5

OpenVAS•added 2012/04/30 12:0 a.m.•40 views

FreeBSD Ports: openssl

The remote host is missing an update to the system as announced in the referenced advisory. VID 60eb344e-6eb1-11e1-8ad7-00e0815b8da8 OpenVAS Vulnerability Test $ Description: Auto generated from VID 60eb344e-6eb1-11e1-8ad7-00e0815b8da8 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

5CVSS7.7AI score0.13075EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by