Lucene search
+L

466 matches found

Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.34 views

Oracle Linux 7 : nss, / nss-softokn, / nss-util, / and / nspr (ELSA-2019-2237)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-2237 advisory. nspr 4.21.0-1 - Rebase to NSPR 4.21 nss 3.44.0-4 - Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa 3.44.0-3 ...

5.9CVSS6.4AI score0.44398EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/08/31 12:0 a.m.29 views

FreeBSD : FreeBSD -- Multiple vulnerabilities in OpenSSL (c8eb4c40-47bd-11ee-8e38-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the c8eb4c40-47bd-11ee-8e38-002590c1f29c advisory. - A timing based side channel exists in the OpenSSL RSA Decryption implementation which could ...

7.5CVSS7.9AI score0.59501EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/08/04 12:0 a.m.13 views

SUSE SLES15: libopenssl-1_1-devel / libopenssl-1_1-devel-32bit / libopenssl1_1 / etc (SUSE-SU-2023:3179-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3179-1 advisory. - CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption. The previous fix for this timing side channel turned out...

5.9CVSS7.1AI score0.16195EPSS
Exploits0References8
OSV
OSV
added 2023/07/15 11:5 a.m.4 views

OESA-2023-1431 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbach...

5.9CVSS8.8AI score0.16195EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/07/04 12:0 a.m.28 views

EulerOS 2.0 SP11 : gnutls (EulerOS-SA-2023-2267)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover...

7.4CVSS7.1AI score0.01403EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/07/04 12:0 a.m.34 views

EulerOS 2.0 SP11 : openssl (EulerOS-SA-2023-2275)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a netwo...

7.5CVSS7.9AI score0.59501EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/06/28 12:0 a.m.30 views

SUSE SLED15: libopenssl-1_1-devel / libopenssl-1_1-devel-32bit / libopenssl1_1 / etc (SUSE-SU-2023:2648-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2648-1 advisory. - CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption. The previous fix for this timi...

5.9CVSS7.1AI score0.16195EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/06/26 12:0 a.m.36 views

SUSE SLES12: libopenssl-1_0_0-devel / libopenssl-1_0_0-devel-32bit / etc (SUSE-SU-2023:2624-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2624-1 advisory. - CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption. The previous fix for this timing side channel turned out to cause...

5.9CVSS7.1AI score0.16195EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/06/25 12:0 a.m.31 views

SUSE SLES12: libopenssl-1_1-devel / libopenssl-1_1-devel-32bit / libopenssl1_1 / etc (SUSE-SU-2023:2623-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2623-1 advisory. - CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption. The previous fix for this timing side channel turned out to cause...

5.9CVSS7.1AI score0.16195EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/06/23 12:0 a.m.62 views

F5 Networks BIG-IP : OpenSSL vulnerability (K000132943)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10 / 16.1.5 / 17.1.1 17.1.0.1. It is, therefore, affected by a vulnerability as referenced in the K000132943 advisory. A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be...

5.9CVSS7.9AI score0.16195EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/06/07 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2023-2070)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS8AI score0.01403EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/06/07 12:0 a.m.19 views

EulerOS Virtualization 2.11.0 : gnutls (EulerOS-SA-2023-2122)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be...

7.4CVSS7AI score0.01403EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2023/06/05 4:29 p.m.9 views

openssl: timing attack in RSA Decryption implementation

A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages...

5.9CVSS6.7AI score0.16195EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/06/05 2:16 p.m.5 views

openssl: timing attack in RSA Decryption implementation

A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages...

5.9CVSS6.7AI score0.16195EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/06/02 12:0 a.m.35 views

EulerOS Virtualization 2.9.1 : openssl (EulerOS-SA-2023-2001)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext...

7.5CVSS7.6AI score0.59501EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2023/05/18 12:0 a.m.15 views

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2023-1953)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS8AI score0.01403EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/05/15 12:0 a.m.50 views

Oracle Linux 9 : edk2 (ELSA-2023-2165)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-2165 advisory. - Resolves: bz2164534 CVE-2023-0286 edk2: openssl: X.400 address type confusion in X.509 GeneralName rhel-9 - Resolves: bz2164550 CVE-2022-4304 edk2:...

9.8CVSS7.4AI score0.59501EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/05/13 12:0 a.m.40 views

EulerOS 2.0 SP9 : openssl (EulerOS-SA-2023-1850)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a netwo...

7.5CVSS7.6AI score0.59501EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2023/04/26 12:0 a.m.11 views

The vulnerabilities of encryption algorithms such as PKCS#1 v1.5, RSA-OEAP, and RSASVE in the OpenSSL cryptographic library allow attackers to execute the Bleichenbacher attack.

The vulnerability of encryption algorithms such as PKCS1 v1.5, RSA-OEAP, and RASSEV in the OpenSSL cryptographic library is related to the creation of a secondary synchronization channel due to time differences. Exploiting this vulnerability can allow an attacker operating remotely to execute a...

5.9CVSS7.1AI score0.16195EPSS
Exploits0References15Affected Software22
Tenable Nessus
Tenable Nessus
added 2023/04/13 12:0 a.m.44 views

EulerOS 2.0 SP8 : openssl (EulerOS-SA-2023-1602)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a netwo...

7.5CVSS7.9AI score0.59501EPSS
Exploits0References5
Rows per page
Query Builder