715 matches found
PT-2025-49686
Plack-Middleware-Session versions before 0.17 may be vulnerable to HMAC comparison timing attacks...
kernel: ipv6: sr: Fix MAC comparison to be constant-time
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
kernel: ipv6: sr: Fix MAC comparison to be constant-time
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
kernel: ipv6: sr: Fix MAC comparison to be constant-time
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
sctp: Fix MAC comparison to be constant-time
...
EUVD-2025-150370
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
CVE-2025-40204
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
UBUNTU-CVE-2025-40204
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
CVE-2025-40204
Based on the provided Connected documents, CVE-2025-40204 affects the Linux kernel (SCTP) and is fixed by making MAC comparisons constant-time to prevent timing attacks. The SUSE-related Nessus advisories (SUSE-SU-2026:0274-1, SUSE-SU-2026:0284-1, SUSE-SU-2026:0262-1, SUSE-SU-2026:0270-1, etc.) l...
CVE-2025-40204 sctp: Fix MAC comparison to be constant-time
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
kernel: ipv6: sr: Fix MAC comparison to be constant-time
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
kernel: ipv6: sr: Fix MAC comparison to be constant-time
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
kernel: ipv6: sr: Fix MAC comparison to be constant-time
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
SUSE CVE-2025-54499
Mattermost versions 10.5.x = 10.5.10, 10.11.x = 10.11.2 fail to use constant-time comparison for sensitive string comparisons which allows attackers to exploit timing oracles to perform byte-by-byte brute force attacks via response time analysis on Cloud API keys and OAuth client secrets...
kernel: ipv6: sr: Fix MAC comparison to be constant-time
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
Siemens RUGGEDCOM ROS Devices Use of a Broken or Risky Cryptographic Algorithm (CVE-2025-41223)
The affected devices support the TLSECDHEECDSAWITHAES128CBCSHA256 cipher suite, which uses CBC Cipher Block Chaining mode that is known to be vulnerable to timing attacks. This could allow an attacker to compromise the integrity and confidentiality of encrypted communications. This plugin only...
Mattermost Server 10.5.x < 10.5.11 / 10.11.x < 10.11.3 / 10.12.0 Multiple Vulnerabilities (MMSA-2025-00497, MMSA-2025-00496, MMSA-2025-00516)
The version of Mattermost Server installed on the remote host is affected by multiple vulnerabilities as referenced in the MMSA-2025-00497, MMSA-2025-00496, MMSA-2025-00516 advisories. - Mattermost versions 10.5.x = 10.5.10, 10.11.x = 10.11.2 fail to properly validate guest user permissions when...
PT-2025-42888
Name of the Vulnerable Software and Affected Versions Mbed TLS versions through 3.6.4 Description Mbed TLS contains an Observable Timing Discrepancy. This issue may allow for timing attacks. Recommendations Update to a version of Mbed TLS newer than 3.6.4...
CVE-2025-54499
Mattermost versions 10.5.x = 10.5.10, 10.11.x = 10.11.2 fail to use constant-time comparison for sensitive string comparisons which allows attackers to exploit timing oracles to perform byte-by-byte brute force attacks via response time analysis on Cloud API keys and OAuth client secrets...
EUVD-2025-34730
Mattermost has an Observable Timing Discrepancy vulnerability...