Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Veracode
Veracodeadded 2017/01/26 8:1 a.m.35 views

Side Channel Attack On Modular Exponentiation

OpenSSL is vulnerable to side channel attacks. The vulnerability exploits cache-bank conflicts on the Intel Sandy-Bridge microarchitecture, exposing RSA keys. However, an attacker can only exploit this only if he has control of code in a thread running on the same hyper-threaded core as the victi...

5.1CVSS7.4AI score0.00461EPSS
Exploits1References50Affected Software3
RedHat Linux
RedHat Linuxadded 2016/12/15 10:11 p.m.1 views

OpenSSL: Side channel attack on modular exponentiation

A side-channel attack was found that makes use of cache-bank conflicts on the Intel Sandy-Bridge microarchitecture. An attacker who has the ability to control code in a thread running on the same hyper-threaded core as the victim's thread that is performing decryption, could use this flaw to...

5.1CVSS6.8AI score0.00461EPSS
Exploits1References6
OpenVAS
OpenVASadded 2016/03/11 12:0 a.m.28 views

Amazon Linux: Security Advisory (ALAS-2016-661)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.2AI score0.90348EPSS
Exploits3References2
FreeBSD Advisory
FreeBSD Advisoryadded 2016/03/10 12:0 a.m.30 views

FreeBSD-SA-16:12.openssl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-16:12.openssl Security Advisory The FreeBSD Project Topic: Multiple OpenSSL vulnerabilities Category: contrib Module: openssl Announced: 2016-03-10 Credits:...

10CVSS7.2AI score0.90348EPSS
Exploits3
FreeBSD
FreeBSDadded 2016/03/10 12:0 a.m.71 views

FreeBSD -- Multiple OpenSSL vulnerabilities

Problem Description: A cross-protocol attack was discovered that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a Bleichenbacher RSA padding oracle. Note that traffic between clients and non-vulnerable servers can be decrypted provided...

10CVSS8.3AI score0.90348EPSS
Exploits3
ArchLinux
ArchLinuxadded 2016/03/07 12:0 a.m.74 views

lib32-openssl: multiple issues

CVE-2016-0702 private key extraction A side-channel attack was found that makes use of cache-bank conflicts on the Intel Sandy-Bridge microarchitecture. An attacker who has the ability to control code in a thread running on the same hyper-threaded core as the victim's thread that is performing...

10CVSS5.1AI score0.90348EPSS
Exploits3References7
Debian CVE
Debian CVEadded 2016/03/03 12:0 a.m.55 views

CVE-2016-0702

The MODEXPCTIMECOPYFROMPREBUF function in crypto/bn/bnexp.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discover RSA keys by running a crafted application on the...

5.1CVSS7.7AI score0.00461EPSS
Exploits1
RedHat Linux
RedHat Linuxadded 2016/03/01 4:7 p.m.0 views

OpenSSL: Side channel attack on modular exponentiation

A side-channel attack was found that makes use of cache-bank conflicts on the Intel Sandy-Bridge microarchitecture. An attacker who has the ability to control code in a thread running on the same hyper-threaded core as the victim's thread that is performing decryption, could use this flaw to...

5.1CVSS6.8AI score0.00461EPSS
Exploits1References6
Rows per page
Query Builder