Lucene search
K

198 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/03/28 7:15 a.m.19 views

Security Bulletin: Mulltiple Vulnerabilities in OpenSSL Affect IBM Sterling Connect:Direct for HP NonStop

Summary There are multiple vulnerabilities in the OpenSSL library used by IBM Sterling Connect:Direct for HP NonStop. IBM Sterling Connect:Direct for HP NonStop has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-4304 DESCRIPTION: A timing based side channel exists in the...

7.5CVSS7.1AI score0.59501EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-13454

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Weak encryption algorithm in Easy-RSA version 3.0.5 through 3.1.7 allows a local attacker to more easily bruteforce the private CA key when created using OpenSS...

5.3CVSS5.7AI score0.00081EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2024-2467

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a...

5.9CVSS6.3AI score0.00516EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2018-16869

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Bleichenbacher type side-channel based padding oracle attack was found in the way nettle handles endian conversion of RSA decrypted PKCS1 v1.5 data. An attack...

5.7CVSS5.4AI score0.01495EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.18 views

Linux Distros Unpatched Vulnerability : CVE-2018-12404

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chose...

5.9CVSS6.4AI score0.44398EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2024/12/07 12:0 a.m.3 views

CVE-2024-1545

...

8.8CVSS5.4AI score0.00544EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/09/26 6:39 p.m.5 views

golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey​ and ctx​. That functi...

7.5CVSS7.2AI score0.01533EPSS
Exploits0References9
Cvelist
Cvelist
added 2024/09/16 12:0 a.m.14 views

CVE-2024-45414

The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in webPrivateDecrypt function. This function is responsible for decrypting RSA encrypted ciphertext, the encrypted data is supplied base64 encoded. The decoded ciphertext is stored on the stack without checki...

0.00483EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/16 12:0 a.m.11 views

CVE-2024-45414

The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in webPrivateDecrypt function. This function is responsible for decrypting RSA encrypted ciphertext, the encrypted data is supplied base64 encoded. The decoded ciphertext is stored on the stack without checki...

7.3AI score0.00483EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/29 11:2 p.m.18 views

CVE-2024-1545 Fault Injection of RSA encryption in WolfCrypt

Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the...

5.9CVSS0.00544EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/29 11:2 p.m.9 views

CVE-2024-1545 Fault Injection of RSA encryption in WolfCrypt

Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the...

5.9CVSS7.6AI score0.00544EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/07/16 6:43 p.m.5 views

golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey​ and ctx​. That functi...

7.5CVSS7.2AI score0.01533EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2024/07/08 1:23 p.m.8 views

golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey​ and ctx​. That functi...

7.5CVSS7.2AI score0.01533EPSS
Exploits0References9
OSV
OSV
added 2024/07/08 12:0 a.m.29 views

ALSA-2024:4378 Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads...

7.5CVSS8AI score0.01533EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/06/27 12:22 a.m.8 views

golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey​ and ctx​. That functi...

7.5CVSS7.2AI score0.01533EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2024/05/23 3:28 p.m.7 views

golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey​ and ctx​. That functi...

7.5CVSS7.2AI score0.01533EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2024/05/22 8:41 p.m.6 views

golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey​ and ctx​. That functi...

7.5CVSS7.2AI score0.01533EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2024/05/22 8:14 p.m.4 views

golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey​ and ctx​. That functi...

7.5CVSS7.2AI score0.01533EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2024/05/15 5:47 p.m.15 views

asymmetricrypt/asymmetricrypt Padding Oracle Vulnerability in RSA Encryption

The encryption and decryption process were vulnerable against the Bleichenbacher's attack, which is a padding oracle vulnerability disclosed in the 98'. The issue was about the wrong padding utilized, which allowed to retrieve the encrypted content. The OPENSSLPKCS1PADDING version, aka PKCS v1.5...

7AI score
Exploits0References4Affected Software1
F5 Networks
F5 Networks
added 2024/05/03 7:9 p.m.46 views

K000139508: rust-openssl vulnerability CVE-2024-3296

Security Advisory Description A timing-based side-channel flaw exists in the rust-openssl package, which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of tria...

5.9CVSS5.7AI score0.00415EPSS
Exploits0
Rows per page
Query Builder