CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

888 matches found

OSV•added 2021/04/22 4:16 p.m.•2 views

GHSA-72M5-FVVV-55M6 Observable Differences in Behavior to Error Inputs in Bouncy Castle

In Legion of the Bouncy Castle BC before 1.55 and BC-FJA before 1.0.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inputs. This occurs in org.bouncycastle.crypto.encodings.OAEPEncoding. Sending invalid ciphertext that...

5.3CVSS6.8AI score0.00906EPSS

Exploits0References7

Github Security Blog•added 2021/04/22 4:16 p.m.•67 views

Observable Differences in Behavior to Error Inputs in Bouncy Castle

5.3CVSS5.5AI score0.00906EPSS

Exploits0References8Affected Software8

NVD•added 2021/04/07 9:15 p.m.•6 views

CVE-2020-36315

In RELIC before 2020-08-01, RSA PKCS1 v1.5 signature forgery can occur because certain checks of the padding and of the first two bytes are inadequate. NOTE: this requires that a low public exponent such as 3 is being used. The product, by default, does not generate RSA keys with such a low numbe...

5.3CVSS0.00928EPSS

Exploits1References4

Prion•added 2021/04/07 9:15 p.m.•12 views

Design/Logic Flaw

5CVSS5.3AI score0.00928EPSS

Exploits1References4Affected Software1

Cvelist•added 2021/04/07 8:10 p.m.•12 views

CVE-2020-36315

5.3AI score0.00928EPSS

Exploits1References4

NVD•added 2021/04/01 5:15 a.m.•11 views

CVE-2021-29932

An issue was discovered in the parseduration crate through 2021-03-18 for Rust. It allows attackers to cause a denial of service CPU and memory consumption via a duration string with a large exponent...

7.5CVSS0.00973EPSS

Exploits0References1

OSV•added 2021/04/01 5:15 a.m.•3 views

CVE-2021-29932

7.5CVSS5.8AI score

Exploits0References1

Cvelist•added 2021/04/01 4:24 a.m.•12 views

CVE-2021-29932

7.5AI score0.00973EPSS

Exploits0References1

OSV•added 2021/03/18 12:0 p.m.•25 views

RUSTSEC-2021-0041 Denial of service through parsing payloads with too big exponent

The parseduration::parse function allows for parsing duration strings with exponents like 5e5s where under the hood, the BigInt type along with the pow function are used for such payloads. Passing an arbitrarily big exponent makes the parseduration::parse function to process the payload for a ver...

7.5CVSS7.3AI score0.00973EPSS

Exploits0References3

Positive Technologies•added 2021/03/06 12:0 a.m.•5 views

PT-2024-11136 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A shift-out-of-bounds issue in the load balance function has been resolved. The issue occurred when the sd-nr balance failed value grew to unexpectedly high values. This happened becau...

7.8CVSS6.7AI score0.01549EPSS

Exploits5References811

CNVD•added 2021/01/06 12:0 a.m.•6 views

OIC Exponent CMS Input Validation Error Vulnerability (CNVD-2021-02002)

OIC Exponent CMS is a free, open source modular content management system CMS based on PHP from OIC, USA. The system supports direct editing in the page and provides user management, site configuration, content editing and other functions. An input validation error vulnerability exists in Exponen...

9.8CVSS6.6AI score0.01275EPSS

Exploits0References1

CNVD•added 2021/01/06 12:0 a.m.•8 views

OIC Exponent CMS Input Validation Error Vulnerability (CNVD-2021-02029)

9.8CVSS6.6AI score0.01249EPSS

Exploits0References1

CNVD•added 2021/01/06 12:0 a.m.•6 views

OIC Exponent CMS Input Validation Error Vulnerability (CNVD-2021-02030)

9.8CVSS6.6AI score0.01275EPSS

Exploits0References1

CNVD•added 2021/01/06 12:0 a.m.•6 views

OIC Exponent CMS Input Validation Error Vulnerability (CNVD-2021-02003)