Lucene search
K

652 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.2 views

EulerOS 2.0 SP12 : shim (EulerOS-SA-2025-2027)

According to the versions of the shim package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in ...

5.9CVSS7.8AI score0.16195EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.3 views

EulerOS 2.0 SP12 : shim (EulerOS-SA-2025-2058)

According to the versions of the shim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in...

5.9CVSS7.9AI score0.16195EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/09/10 12:0 a.m.3 views

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2025-2027)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.7AI score0.16195EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/09/10 12:0 a.m.2 views

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2025-2058)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.7AI score0.16195EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/09/10 12:0 a.m.2 views

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2025-2114)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.7AI score0.16195EPSS
Exploits0References2
OSV
OSV
added 2025/09/04 4:47 a.m.5 views

CLSA-2025-1756961235 nss: Fix of CVE-2023-5388

CVE-2023-5388: fix timing attack against RSA decryption in TLS r=jschanck...

6.5CVSS5.8AI score0.00816EPSS
Exploits0References1
OSV
OSV
added 2025/08/11 1:15 p.m.3 views

SUSE-SU-2025:02752-1 Security update for libgcrypt

This update for libgcrypt fixes the following issues: - CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts bsc1221107...

5.9CVSS7AI score0.01114EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/06 12:0 a.m.6 views

GLSA-202508-04 : Mozilla Network Security Service (NSS): TLS RSA decryption timing attack

The remote host is affected by the vulnerability described in GLSA-202508-04 Mozilla Network Security Service NSS: TLS RSA decryption timing attack A vulnerability has been discovered in Mozilla Network Security Service NSS. Please review the CVE identifier referenced below for details. Tenable h...

6.5CVSS7.1AI score0.00816EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2025/08/01 9:18 a.m.3 views

Security update for libgcrypt

This update for libgcrypt fixes the following issues: CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts bsc1221107. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

5.9CVSS9.7AI score0.01114EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/07/22 11:40 a.m.2 views

Security update for libgcrypt

This update for libgcrypt fixes the following issues: CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts bsc1221107. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

5.9CVSS7.2AI score0.01114EPSS
Exploits0References4
Amazon
Amazon
added 2025/07/10 12:0 a.m.6 views

Medium: python-cryptography

Issue Overview: python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS1 v1.5 ciphertext. CVE-2020-25659 Affected Packages: python-cryptography Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Vis...

5.9CVSS7AI score0.02454EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/07/10 12:0 a.m.3 views

Amazon Linux 2 : python-cryptography (ALAS-2025-2930)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2930 advisory. python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS1 v1.5 ciphertext. CVE-2020-25659 Tenable has extracted the preceding...

5.9CVSS7AI score0.02454EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.6 views

TencentOS Server 3: openssl (TSSA-2023:0021)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0021 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

5.9CVSS7.9AI score0.16195EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 10:34 a.m.6 views

CVE-2024-45414

The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in webPrivateDecrypt function. This function is responsible for decrypting RSA encrypted ciphertext, the encrypted data is supplied base64 encoded. The decoded ciphertext is stored on the stack without checki...

9.8CVSS7.4AI score0.00483EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:12 a.m.7 views

CVE-2023-32342

IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial messages for decryption, an attacker could exploit this vulnerability to obtain sensitive information. IB...

7.5CVSS6.2AI score0.00925EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:2 a.m.10 views

CVE-2023-33850

IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial messages for decryption, an attacker could exploit this vulnerability to obtain sensitive...

7.5CVSS6.5AI score0.00855EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/12 11:22 a.m.15 views

Security Bulletin: IBM Maximo Application Suite uses "bcprov-jdk18on-1.75.jar" which is vulnerable to CVE-2024-30171

Summary IBM Maximo Application Suite uses "bcprov-jdk18on-1.75.jar" which is vulnerable to CVE-2024-30171. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-30171 DESCRIPTION: The Bouncy Castle Crypto Package For Java could allow ...

5.9CVSS8.6AI score0.00901EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-0914

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS1 v1.5 padded ciphertexts. This flaw could...

5.9CVSS5.8AI score0.00878EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2023-6240

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network attacker to decrypt...

6.5CVSS6.7AI score0.00969EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2022-4304

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a...

5.9CVSS7.6AI score0.16195EPSS
Exploits0References3
Rows per page
Query Builder