Lucene search
K

203 matches found

Snyk
Snyk
added 2024/08/29 11:48 p.m.2 views

Fault Injection

Overview Affected versions of this package are vulnerable to Fault Injection through the wced25519signmsg function. An attacker can disclose sensitive information and escalate privileges by exploiting the Rowhammer fault injection technique to manipulate the ed25519key structure. This is only...

8.8CVSS7.4AI score0.00464EPSS
Exploits0References2
Snyk
Snyk
added 2024/08/29 11:44 p.m.3 views

Fault Injection

Overview Affected versions of this package are vulnerable to Fault Injection through the RsaPrivateDecryption function. An attacker can disclose sensitive information and escalate privileges by exploiting the Rowhammer fault injection technique to manipulate the RsaKey structure. Remediation...

8.8CVSS7.5AI score0.00544EPSS
Exploits0References2
NVD
NVD
added 2024/08/29 11:15 p.m.20 views

CVE-2024-1545

Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the...

8.8CVSS0.00544EPSS
Exploits0References2
OSV
OSV
added 2024/08/29 11:15 p.m.2 views

DEBIAN-CVE-2024-1545

Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the...

8.8CVSS5.5AI score0.00544EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/08/29 11:15 p.m.3 views

CVE-2024-1545

Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the...

8.8CVSS5.9AI score0.00544EPSS
Exploits0References3
OSV
OSV
added 2024/08/29 11:15 p.m.14 views

CVE-2024-1545

Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the...

8.8CVSS7.4AI score
Exploits0References2
OSV
OSV
added 2024/08/29 11:15 p.m.6 views

UBUNTU-CVE-2024-1545

Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the...

8.8CVSS5.9AI score0.00544EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/08/29 11:15 p.m.12 views

CVE-2024-1545

Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the...

8.8CVSS5.9AI score0.00544EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/29 11:10 p.m.30 views

CVE-2024-2881 Fault Injection of EdDSA signature in WolfCrypt

Fault Injection vulnerability in wced25519signmsg function in wolfssl/wolfcrypt/src/ed25519.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the...

6.7CVSS0.00464EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/29 11:10 p.m.17 views

CVE-2024-2881 Fault Injection of EdDSA signature in WolfCrypt

Fault Injection vulnerability in wced25519signmsg function in wolfssl/wolfcrypt/src/ed25519.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the...

6.7CVSS7.6AI score0.00464EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2024/08/29 11:10 p.m.19 views

CVE-2024-2881

Fault Injection vulnerability in wced25519signmsg function in wolfssl/wolfcrypt/src/ed25519.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the...

8.8CVSS5.5AI score0.00464EPSS
Exploits0
CVE
CVE
added 2024/08/29 11:10 p.m.67 views

CVE-2024-2881

CVE-2024-2881 concerns WolfSSL (wolfssl5.6.6) where an attacker co-residing on the same system can exploit a fault injection vulnerability in the function wc_ed25519_sign_msg (wolfcrypt/src/ed25519.c) to disclose information and escalate privileges via Rowhammer fault injection to the ed25519_key...

8.8CVSS7.9AI score0.00464EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/29 11:2 p.m.9 views

CVE-2024-1545 Fault Injection of RSA encryption in WolfCrypt

Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the...

5.9CVSS7.6AI score0.00544EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2024/08/29 11:2 p.m.10 views

CVE-2024-1545

Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the...

8.8CVSS7.5AI score0.00544EPSS
Exploits0
Cvelist
Cvelist
added 2024/08/29 11:2 p.m.18 views

CVE-2024-1545 Fault Injection of RSA encryption in WolfCrypt

Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the...

5.9CVSS0.00544EPSS
Exploits0References2
CVE
CVE
added 2024/08/29 11:2 p.m.74 views

CVE-2024-1545

CVE-2024-1545 concerns WolfSSL’s wolfCrypt RSA code path: Fault Injection in RsaPrivateDecryption (rsa.c) enables Rowhammer-induced data leakage to the RsaKey structure, allowing information disclosure and potential privilege escalation. Affected software: WolfSSL/wolfCrypt (example version wolfs...

8.8CVSS7.3AI score0.00544EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2024/08/29 11:2 p.m.8 views

CVE-2024-1545

Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the...

8.8CVSS5.5AI score0.00544EPSS
Exploits0
CNNVD
CNNVD
added 2024/08/29 12:0 a.m.3 views

WolfSSL 安全漏洞

wolfSSL CyaSSL is the United States wolfSSL company for embedded systems developers to use a small, portable embedded SSL programming library. A security vulnerability exists in WolfSSL version 5.6.6, which can be exploited by remote attackers to disclose information and elevate privileges via a...

8.8CVSS7AI score0.00544EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/08/29 12:0 a.m.9 views

PT-2024-22582 · Wolfssl +1 · Wolfssl +1

Name of the Vulnerable Software and Affected Versions: WolfSSL versions 5.6.6 and earlier Description: The issue is related to a Fault Injection vulnerability in the wc ed25519 sign msg function in WolfSSL, which affects the ed25519 key structure. This vulnerability allows a remote attacker...

8.8CVSS7.5AI score0.00464EPSS
Exploits0References15
CNNVD
CNNVD
added 2024/08/29 12:0 a.m.5 views

WolfSSL 安全漏洞

wolfSSL CyaSSL is the United States wolfSSL company for embedded systems developers to use a small, portable embedded SSL programming library. A security vulnerability exists in WolfSSL version 5.6.6, which can be exploited by remote attackers to disclose information and elevate privileges via a...

8.8CVSS7AI score0.00464EPSS
Exploits0References3
Rows per page
Query Builder