Lucene search
K

12 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.3 views

Siemens SIMATIC S7-1500 Observable Discrepancy (CVE-2018-0495)

Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the gcryeccecdsasign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. T...

4.7CVSS6.5AI score0.00887EPSS
Exploits1References4
Snyk
Snyk
added 2024/08/29 11:48 p.m.2 views

Fault Injection

Overview Affected versions of this package are vulnerable to Fault Injection through the wced25519signmsg function. An attacker can disclose sensitive information and escalate privileges by exploiting the Rowhammer fault injection technique to manipulate the ed25519key structure. This is only...

8.8CVSS7.4AI score0.00464EPSS
Exploits0References2
OSV
OSV
added 2024/08/29 11:15 p.m.1 views

UBUNTU-CVE-2024-1545

Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the...

8.8CVSS5.9AI score0.00544EPSS
Exploits0References3
OSV
OSV
added 2024/05/14 3:14 p.m.3 views

DEBIAN-CVE-2024-28285

A Fault Injection vulnerability in the SymmetricDecrypt function in cryptopp/elgamal.h of Cryptopp Crypto++ 8.9, allows an attacker to co-reside in the same system with a victim process to disclose information and escalate privileges...

9.8CVSS5.3AI score0.00505EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2019/05/08 12:28 p.m.2 views

openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)

A microprocessor side-channel vulnerability was found on SMT e.g, Hyper-Threading architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information...

4.7CVSS6.9AI score0.03418EPSS
Exploits4References6
RedHat Linux
RedHat Linux
added 2018/10/30 11:11 a.m.5 views

ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries

Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the gcryeccecdsasign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. T...

4.7CVSS6.8AI score0.00887EPSS
Exploits1References5
OSV
OSV
added 2018/06/15 2:29 a.m.3 views

CVE-2018-12433

cryptlib through 3.4.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to either the local machine or a different virtual machine on the same physical host. NOTE: the vendor...

4.9CVSS5.8AI score0.00346EPSS
Exploits1References1
OSV
OSV
added 2018/06/15 2:29 a.m.2 views

DEBIAN-CVE-2018-12436

wolfcrypt/src/ecc.c in wolfSSL before 3.15.1.patch allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physic...

4.7CVSS4.6AI score0.00371EPSS
Exploits0References1
OSV
OSV
added 2018/06/15 2:29 a.m.3 views

DEBIAN-CVE-2018-12437

LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host...

4.9CVSS6.3AI score0.0054EPSS
Exploits1References1
OSV
OSV
added 2018/06/13 11:29 p.m.4 views

ALPINE-CVE-2018-0495

Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the gcryeccecdsasign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. T...

4.7CVSS8.5AI score0.00887EPSS
Exploits1References1
OSV
OSV
added 2018/06/13 12:0 a.m.2 views

UBUNTU-CVE-2018-0495

Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the gcryeccecdsasign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. T...

4.7CVSS6.4AI score0.00887EPSS
Exploits1References11
RedHat Linux
RedHat Linux
added 2016/12/15 10:11 p.m.4 views

OpenSSL: Side channel attack on modular exponentiation

A side-channel attack was found that makes use of cache-bank conflicts on the Intel Sandy-Bridge microarchitecture. An attacker who has the ability to control code in a thread running on the same hyper-threaded core as the victim's thread that is performing decryption, could use this flaw to...

5.1CVSS6.8AI score0.0191EPSS
Exploits1References6
Rows per page
Query Builder