5806 matches found
CVE-2025-55279
CVE-2025-55279 concerns ZKTeco WL20, where a hard-coded private key stored in plaintext in the device firmware is exposed. An attacker with physical access can extract the firmware, analyze the binary, and retrieve the private key, enabling unauthorized decryption of data and Man-in-the-Middle at...
SUSE-SU-2025:02773-1 Security update for libgcrypt
This update for libgcrypt fixes the following issues: - CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts bsc1221107...
Security update for libgcrypt
This update for libgcrypt fixes the following issues: CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts bsc1221107. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
PT-2025-32981 · Zkteco · Zkteco Wl20
Name of the Vulnerable Software and Affected Versions: ZKTeco WL20 affected versions not specified Description: The device stores a private key in plaintext within its firmware. An attacker with physical access can extract the firmware, analyze the binary data, and retrieve the private key...
SUSE SLES12 Security Update : libgcrypt (SUSE-SU-2025:02756-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:02756-1 advisory. - CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts bsc1221107. Tenable has extracted the...
Security update for libgcrypt
This update for libgcrypt fixes the following issues: CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts bsc1221107. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
SUSE-SU-2025:02756-1 Security update for libgcrypt
This update for libgcrypt fixes the following issues: - CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts bsc1221107...
SUSE SLES15 Security Update : libgcrypt (SUSE-SU-2025:02752-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02752-1 advisory. - CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts bsc1221107. Tenable has...
Security update for libgcrypt
This update for libgcrypt fixes the following issues: CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts bsc1221107. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
SUSE-SU-2025:02752-1 Security update for libgcrypt
This update for libgcrypt fixes the following issues: - CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts bsc1221107...
Linux Distros Unpatched Vulnerability : CVE-2025-37750
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: fix UAF in decryption with multichannel After commit f7025d861694 smb: client: allocate crypto only for primary server and commit b0abcd65ec54 smb:...
Linux Distros Unpatched Vulnerability : CVE-2024-28176
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jose is JavaScript module for JSON Object Signing and Encryption, providing support for JSON Web Tokens JWT, JSON Web Signature JWS, JSON Web Encryption JWE, JS...
Linux Distros Unpatched Vulnerability : CVE-2021-45450
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psaciphergenerateiv and psacipherencrypt allow policy bypass or oracle-based decryption when the output buffer i...
SUSE SLED15 / SLES15 Security Update : libgcrypt (SUSE-SU-2025:02719-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02719-1 advisory. - CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts...
Security update for libgcrypt
This update for libgcrypt fixes the following issues: CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts bsc1221107. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Linux Distros Unpatched Vulnerability : CVE-2024-45004
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix leak of blob encryption key Trusted keys unseal the key blob on load...
[SECURITY] Fedora 42 Update: perl-Crypt-CBC-3.07-1.fc42
This is Crypt::CBC, a Perl-only implementation of the cryptographic cipher block chaining mode CBC. In combination with a block cipher such as Crypt::DES or Crypt::IDEA, you can encrypt and decrypt messages of arbitrarily long length. The encrypted messages are compatible with the encryption form...
GLSA-202508-04 : Mozilla Network Security Service (NSS): TLS RSA decryption timing attack
The remote host is affected by the vulnerability described in GLSA-202508-04 Mozilla Network Security Service NSS: TLS RSA decryption timing attack A vulnerability has been discovered in Mozilla Network Security Service NSS. Please review the CVE identifier referenced below for details. Tenable h...
Linux Distros Unpatched Vulnerability : CVE-2021-45451
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Mbed TLS before 3.1.0, psaaeadgeneratenonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an...
Security update for libgcrypt
This update for libgcrypt fixes the following issues: CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts bsc1221107. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...