CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

60 matches found

RedHat Linux•added 2023/03/14 1:57 p.m.•1 views

openssl: timing attack in RSA Decryption implementation

A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages...

5.9CVSS6.7AI score0.00218EPSS

Exploits0References5

RedHat Linux•added 2023/02/28 8:22 a.m.•5 views

openssl: timing attack in RSA Decryption implementation

5.9CVSS6.7AI score0.00218EPSS

Exploits0References5

SUSE CVE•added 2023/02/15 3:30 a.m.•1 views

SUSE CVE-2022-4304

A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages fo...

5.9CVSS6.5AI score0.00218EPSS

Exploits0References172

Positive Technologies•added 2023/02/09 12:0 a.m.•1 views

PT-2023-33037 · Openssl · Openssl

Name of the Vulnerable Software and Affected Versions: OpenSSL versions prior to 1.1.0 Description: A timing-based side channel issue exists in the OpenSSL RSA decryption implementation, potentially allowing the recovery of plaintext from across the network. This issue affects all RSA padding...

7AI score

Exploits0References6

Github Security Blog•added 2023/02/08 10:31 p.m.•52 views

openssl-src subject to Timing Oracle in RSA Decryption

5.9CVSS6.7AI score0.00218EPSS

Exploits0References6Affected Software1

OSV•added 2023/02/08 10:31 p.m.•53 views

GHSA-P52G-CM5J-MJV4 openssl-src subject to Timing Oracle in RSA Decryption

5.9CVSS6.7AI score0.00218EPSS

Exploits0References5

OSV•added 2023/02/08 8:15 p.m.•1 views

AZL-34668 CVE-2022-4304 affecting package edk2 for versions less than 20240223gitedc6681206c1-1

5.9CVSS6.9AI score0.00218EPSS

Exploits0References1

OSV•added 2023/02/08 8:15 p.m.•3 views

AZL-13310 CVE-2022-4304 affecting package openssl for versions less than 1.1.1k-21

5.9CVSS6.9AI score0.00218EPSS

Exploits0References1

OSV•added 2023/02/08 8:15 p.m.•2 views

AZL-31140 CVE-2022-4304 affecting package edk2 for versions less than 20230301gitf80f052277c8-42

5.9CVSS6.9AI score0.00218EPSS

Exploits0References1

OSV•added 2023/02/08 8:15 p.m.•29 views

CVE-2022-4304

5.9CVSS6.8AI score

Exploits0References3

OSV•added 2023/02/08 8:15 p.m.•3 views

AZL-13302 CVE-2022-4304 affecting package cloud-hypervisor for versions less than 30.0-2

5.9CVSS6.7AI score0.00218EPSS

Exploits0References1

OSV•added 2023/02/08 8:15 p.m.•1 views

DEBIAN-CVE-2022-4304

5.9CVSS7.2AI score0.00218EPSS

Exploits0References1

Prion•added 2023/02/08 8:15 p.m.•37 views

Design/Logic Flaw

2.6CVSS6.6AI score0.00218EPSS

Exploits0References2Affected Software4

Cvelist•added 2023/02/08 7:4 p.m.•24 views

CVE-2022-4304 Timing Oracle in RSA Decryption

6.7AI score0.00218EPSS

Exploits0References2

Debian CVE•added 2023/02/08 7:4 p.m.•47 views

CVE-2022-4304

5.9CVSS6.8AI score0.00218EPSS

Exploits0

AlpineLinux•added 2023/02/08 7:4 p.m.•28 views

CVE-2022-4304

5.9CVSS7.1AI score0.00218EPSS

Exploits0

RustSec•added 2023/02/07 12:0 p.m.•65 views

Timing Oracle in RSA Decryption

5.9CVSS6.5AI score0.00218EPSS

Exploits0Affected Software1

Tenable Nessus•added 2023/02/07 12:0 a.m.•438 views

OpenSSL 1.0.2 < 1.0.2zg Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.0.2zg. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.2zg advisory. - There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were...

7.5CVSS7.8AI score0.88334EPSS

Exploits0References8