Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-46016

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.00527EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-46524

Malicious code in bioql PyPI...

5.9CVSS5.4AI score0.0042EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:1 a.m.11 views

CVE-2022-42961

An issue was discovered in wolfSSL before 5.5.0. A fault injection attack on RAM via Rowhammer leads to ECDSA key disclosure. Users performing signing operations with private ECC keys, such as in server-side TLS connections, might leak faulty ECC signatures. These signatures can be processed via ...

5.3CVSS7AI score0.00527EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2024-5288

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT+PROBE, leads to ECDSA key disclosure. When WOLFSSLCHECKSIGFAULT...

5.9CVSS5.9AI score0.0042EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/02/14 5:46 a.m.5 views

SUSE CVE-2024-5288

An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT+PROBE, leads to ECDSA key disclosure. When WOLFSSLCHECKSIGFAULTS is used in signing operations with private ECC keys, such as in server-side TLS connections, the connection is halted if any fault...

5.9CVSS6.4AI score0.0042EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.7 views

Azure Linux 3.0 Security Update: mariadb (CVE-2024-5288)

The version of mariadb installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-5288 advisory. - An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT+PROBE, lead...

5.9CVSS5.5AI score0.0042EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/12/13 12:0 a.m.11 views

CBL Mariner 2.0 Security Update: mariadb (CVE-2024-5288)

The version of mariadb installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-5288 advisory. - An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT+PROBE, lead...

5.9CVSS5.5AI score0.0042EPSS
Exploits0References2
CNVD
CNVD
added 2024/08/29 12:0 a.m.7 views

Unspecified vulnerability in wolfSSL (CNVD-2024-37448)

wolfSSL CyaSSL is the United States wolfSSL company for embedded systems developers to use a small, portable embedded SSL programming library. A security vulnerability exists in wolfSSL versions prior to 5.7.0, which can be exploited by an attacker to cause ECDSA key disclosure...

5.9CVSS6.5AI score0.0042EPSS
Exploits0References1
OSV
OSV
added 2024/08/27 6:36 p.m.14 views

CVE-2024-5288 Safe-error attack on TLS 1.3 Protocol

An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT+PROBE, leads to ECDSA key disclosure. When WOLFSSLCHECKSIGFAULTS is used in signing operations with private ECC keys, such as in server-side TLS connections, the connection is halted if any fault...

5.1CVSS6.1AI score0.0042EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/08/27 6:36 p.m.27 views

CVE-2024-5288 Safe-error attack on TLS 1.3 Protocol

An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT+PROBE, leads to ECDSA key disclosure. When WOLFSSLCHECKSIGFAULTS is used in signing operations with private ECC keys, such as in server-side TLS connections, the connection is halted if any fault...

5.1CVSS0.0042EPSS
Exploits0References1
OSV
OSV
added 2022/10/15 4:15 a.m.6 views

UBUNTU-CVE-2022-42961

An issue was discovered in wolfSSL before 5.5.0. A fault injection attack on RAM via Rowhammer leads to ECDSA key disclosure. Users performing signing operations with private ECC keys, such as in server-side TLS connections, might leak faulty ECC signatures. These signatures can be processed via ...

5.3CVSS6AI score0.00527EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/10/15 12:0 a.m.28 views

CVE-2022-42961

An issue was discovered in wolfSSL before 5.5.0. A fault injection attack on RAM via Rowhammer leads to ECDSA key disclosure. Users performing signing operations with private ECC keys, such as in server-side TLS connections, might leak faulty ECC signatures. These signatures can be processed via ...

5.6AI score0.00527EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/10/15 12:0 a.m.6 views

PT-2022-26682 · Wolfssl +1 · Wolfssl +1

Name of the Vulnerable Software and Affected Versions: wolfSSL versions prior to 5.5.0 Description: An issue was discovered in wolfSSL that allows a fault injection attack on RAM via Rowhammer, leading to ECDSA key disclosure. Users performing signing operations with private ECC keys, such as in...

9.1CVSS6.3AI score0.04343EPSS
Exploits6References24
Vulnrichment
Vulnrichment
added 2022/10/15 12:0 a.m.12 views

CVE-2022-42961

An issue was discovered in wolfSSL before 5.5.0. A fault injection attack on RAM via Rowhammer leads to ECDSA key disclosure. Users performing signing operations with private ECC keys, such as in server-side TLS connections, might leak faulty ECC signatures. These signatures can be processed via ...

5.3AI score0.00527EPSS
Exploits0References1
CVE
CVE
added 2022/10/15 12:0 a.m.121 views

CVE-2022-42961

CVE-2022-42961 concerns wolfSSL before 5.5.0, where a Rowhammer RAM fault injection can disclose ECDSA private-key material during signing (e.g., TLS handshakes). The issue may allow leakage of faulty ECC signatures, enabling an advanced technique for ECDSA key recovery. Impact is limited to conf...

5.3CVSS5.3AI score0.00527EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/10/15 12:0 a.m.20 views

CVE-2022-42961

An issue was discovered in wolfSSL before 5.5.0. A fault injection attack on RAM via Rowhammer leads to ECDSA key disclosure. Users performing signing operations with private ECC keys, such as in server-side TLS connections, might leak faulty ECC signatures. These signatures can be processed via ...

5.3CVSS5.4AI score0.00527EPSS
Exploits0References3
Rows per page
Query Builder