Lucene search
K

656 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.6 views

SUSE SLED15 / SLES15 Security Update : strongswan (SUSE-SU-2026:1637-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1637-1 advisory. - CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. - CVE-2026-35329:...

5.8AI score
Exploits6References22
OSV
OSV
added 2026/04/29 8:41 a.m.6 views

CLSA-2026-1777452099 nettle: Fix of CVE-2021-3580

CVE-2021-3580: add input validation to RSA decrypt family and length check to pkcs1secdecrypt...

7.5CVSS5.8AI score0.02686EPSS
Exploits0References1
OSV
OSV
added 2026/04/27 6:33 p.m.13 views

JLSEC-2026-231 openssl-src subject to Timing Oracle in RSA Decryption

A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages fo...

5.9CVSS7.3AI score0.16195EPSS
Exploits0References6
OSV
OSV
added 2026/04/27 6:33 p.m.14 views

JLSEC-2026-218 In situations where an attacker receives automated notification of the success or failure of a...

In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted...

4.3CVSS6.1AI score0.03838EPSS
Exploits0References44
SUSE Linux
SUSE Linux
added 2026/04/27 4:59 p.m.7 views

Security update for strongswan

This update for strongswan fixes the following issues: CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. CVE-2026-35329: null pointer dereference when processing padding in PKCS7 bsc1261717. CVE-2026-35330: integer underflow when handling EAP-SIM/AKA...

9.2CVSS5.2AI score
Exploits6References28
OSV
OSV
added 2026/04/27 4:59 p.m.3 views

SUSE-SU-2026:1637-1 Security update for strongswan

This update for strongswan fixes the following issues: - CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. - CVE-2026-35329: null pointer dereference when processing padding in PKCS7 bsc1261717. - CVE-2026-35330: integer underflow when handling EAP-SIM/AKA...

5.2AI score
Exploits6References15
OSV
OSV
added 2026/04/27 11:41 a.m.12 views

USN-8196-2 strongswan vulnerabilities

USN-8196-1 fixed vulnerabilities in strongSwan. This update provides the corresponding update to Ubuntu 26.04 LTS. Original advisory details: Haruto Kimura discovered that strongSwan incorrectly handled the supportedversions extension in TLS. A remote attacker could possibly use this issue to cau...

6AI score
Exploits6References8
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.8 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : strongSwan vulnerabilities (USN-8196-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8196-1 advisory. Haruto Kimura discovered that strongSwan incorrectly handled the supportedversions extension in TLS. A remote attacker could possibly...

6.1AI score
Exploits6References8
Debian
Debian
added 2026/04/22 12:57 p.m.7 views

[SECURITY] [DSA 6227-1] strongswan security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6227-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez April 22, 2026 https://www.debian.org/security/faq -...

6.4AI score
Exploits6
OSV
OSV
added 2026/04/22 12:46 p.m.12 views

USN-8196-1 strongswan vulnerabilities

Haruto Kimura discovered that strongSwan incorrectly handled the supportedversions extension in TLS. A remote attacker could possibly use this issue to cause strongSwan to stop responding, resulting in a denial of service. CVE-2026-35328 Haruto Kimura discovered that strongSwan incorrectly handle...

6AI score
Exploits6References8
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.9 views

PT-2026-35581

USN-8196-1 fixed vulnerabilities in strongSwan. This update provides the corresponding update to Ubuntu 26.04 LTS. Original advisory details: Haruto Kimura discovered that strongSwan incorrectly handled the supported versions extension in TLS. A remote attacker could possibly use this issue to...

5.9AI score
Exploits6References37
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.11 views

PT-2026-35584

USN-8196-1 fixed vulnerabilities in strongSwan. This update provides the corresponding update to Ubuntu 26.04 LTS. Original advisory details: Haruto Kimura discovered that strongSwan incorrectly handled the supported versions extension in TLS. A remote attacker could possibly use this issue to...

5.9AI score
Exploits6References36
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.5 views

PT-2026-35583

USN-8196-1 fixed vulnerabilities in strongSwan. This update provides the corresponding update to Ubuntu 26.04 LTS. Original advisory details: Haruto Kimura discovered that strongSwan incorrectly handled the supported versions extension in TLS. A remote attacker could possibly use this issue to...

5.9AI score
Exploits6References37
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.8 views

PT-2026-35582

USN-8196-1 fixed vulnerabilities in strongSwan. This update provides the corresponding update to Ubuntu 26.04 LTS. Original advisory details: Haruto Kimura discovered that strongSwan incorrectly handled the supported versions extension in TLS. A remote attacker could possibly use this issue to...

5.9AI score
Exploits6References36
RedhatCVE
RedhatCVE
added 2026/04/02 5:58 a.m.4 views

CVE-2025-66442

A flaw was found in Mbed TLS and TF-PSA-Crypto. This vulnerability is a compiler-induced timing side channel that occurs when the LLVM compiler's select-optimize feature is enabled. A remote attacker could potentially exploit this timing difference during RSA and CBC/ECB decryption operations to...

5.9CVSS5.8AI score0.0027EPSS
Exploits0References7
EUVD
EUVD
added 2026/04/01 9:30 p.m.6 views

EUVD-2025-209171

In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel in RSA and CBC/ECB decryption that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected...

5.1CVSS5.9AI score0.0027EPSS
Exploits0References5
NVD
NVD
added 2026/04/01 8:16 p.m.5 views

CVE-2025-66442

In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel in RSA and CBC/ECB decryption that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected...

5.1CVSS0.0027EPSS
Exploits0References4
OSV
OSV
added 2026/04/01 8:16 p.m.4 views

DEBIAN-CVE-2025-66442

In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel in RSA and CBC/ECB decryption that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected...

5.1CVSS5.2AI score0.0027EPSS
Exploits0References1
OSV
OSV
added 2026/04/01 8:16 p.m.6 views

UBUNTU-CVE-2025-66442

In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel in RSA and CBC/ECB decryption that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected...

5.1CVSS5.8AI score0.0027EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/04/01 8:16 p.m.4 views

CVE-2025-66442

In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel in RSA and CBC/ECB decryption that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected...

5.1CVSS5.9AI score0.0027EPSS
Exploits0References5
Rows per page
Query Builder