7 matches found
MiracleLinux 7 : nettle-2.7.1-9.0.1.el7.AXS7 (AXSA:2025-10914:02)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10914:02 advisory. Nettle is a cryptographic library that is designed to fit easily in more or less any context: In crypto toolkits for object-oriented languages C++, Python,...
SUSE-SU-2025:01887-1 Security update for perl-Crypt-OpenSSL-RSA
This update for perl-Crypt-OpenSSL-RSA fixes the following issues: - CVE-2024-2467: Side-channel attack in PKCS1 v1.5 padding mode Marvin Attack bsc1221446...
AlmaLinux 8 : kernel-rt (ALSA-2024:3627)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:3627 advisory. kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation CVE-2023-6240 kernel: Information disclosure in vhost/vhost.c:vhostnewms...
PT-2024-1658 · Mbed Tls +3 · Mbed Tls +3
Name of the Vulnerable Software and Affected Versions: Mbed TLS versions 2.x before 2.28.7 Mbed TLS versions 3.x before 3.5.2 Description: A timing side channel in RSA private operations could allow a local attacker to recover the plaintext by sending a large number of messages for decryption, as...
SUSE-SU-2018:3864-2 Security update for openssl
This update for openssl fixes the following issues: Security issues fixed: - CVE-2018-0734: Fixed timing vulnerability in DSA signature generation bsc1113652. - CVE-2018-5407: Fixed elliptic curve scalar multiplication timing attack defenses bsc1113534. - CVE-2018-0737: Corrected the current erro...
CVE-2016-8100
Intel Integrated Performance Primitives aka IPP Cryptography before 9.0.4 makes it easier for local users to discover RSA private keys via a side-channel attack...
USN-2914-1 openssl vulnerabilities
Yuval Yarom, Daniel Genkin, and Nadia Heninger discovered that OpenSSL was vulnerable to a side-channel attack on modular exponentiation. On certain CPUs, a local attacker could possibly use this issue to recover RSA keys. This flaw is known as CacheBleed. CVE-2016-0702 Adam Langley discovered th...