Lucene search
K

920 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/08 2:21 p.m.6 views

CVE-2026-43384

In the Linux kernel, the following vulnerability has been resolved: net/tcp-ao: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...

5.7AI score0.00457EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/05/08 2:21 p.m.37 views

CVE-2026-43384 net/tcp-ao: Fix MAC comparison to be constant-time

In the Linux kernel, the following vulnerability has been resolved: net/tcp-ao: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...

9.8CVSS0.00457EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/08 2:21 p.m.31 views

CVE-2026-43383 net/tcp-md5: Fix MAC comparison to be constant-time

In the Linux kernel, the following vulnerability has been resolved: net/tcp-md5: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...

9.4CVSS0.00443EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:21 p.m.7 views

CVE-2026-43383

In the Linux kernel, the following vulnerability has been resolved: net/tcp-md5: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...

9.4CVSS5.7AI score0.00443EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2026/05/08 2:21 p.m.49 views

CVE-2026-43383

CVE-2026-43383 affects the Linux kernel’s TCP MD5 signature handling. The root cause is a non-constant-time MAC comparison, enabling potential timing attacks. The vulnerability is addressed by changing the MAC comparison to a constant-time implementation using the appropriate helper function. The...

9.4CVSS5.7AI score0.00443EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/05/08 2:21 p.m.8 views

CVE-2026-43383

In the Linux kernel, the following vulnerability has been resolved: net/tcp-md5: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...

9.4CVSS5.7AI score0.00443EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the MAC comparison in tcp-ao does not use a constant time, potentially leading to timing...

9.8CVSS5.8AI score0.00457EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.9 views

PT-2026-39045

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A timing attack issue exists in the TCP Authentication Option TCP-AO implementation. The Message Authentication Code MAC comparison was not performed in constant-time, which could allow ...

9.8CVSS5.8AI score0.00457EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.11 views

PT-2026-39044

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A timing attack is possible because Message Authentication Codes MACs are not compared in constant time. This allows an attacker to potentially deduce information by measuring the time t...

9.4CVSS5.8AI score0.00443EPSS
Exploits0
OSV
OSV
added 2026/05/06 11:37 p.m.8 views

GHSA-53HJ-R94P-8C8F Kanidm has non-constant-time comparison of OAuth2 client_secret

Summary The kanidmd OAuth2 token-exchange /oauth2/token and token-introspection /oauth2/token/introspect endpoints compare the supplied clientsecret against the stored secret using Rust's PartialEq on String, which short-circuits on the first mismatching byte. This produces an observable timing...

3.7CVSS6AI score
Exploits0References2
OSV
OSV
added 2026/05/06 11:16 p.m.6 views

GHSA-248H-974Q-XRC2 axonflow-sdk-java: Webhook signing-key (HMAC-SHA256) not exposed by SDK type, preventing signature verification

Summary The AxonFlow SDK's WebhookSubscription or equivalent type did not expose the HMAC-SHA256 signing key returned by the platform's CreateWebhook endpoint. Without access to the secret through the typed SDK API, callers had no path to verify the X-AxonFlow-Signature header on incoming webhook...

5.9CVSS5.8AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/06 11:16 p.m.7 views

axonflow-sdk-java: Webhook signing-key (HMAC-SHA256) not exposed by SDK type, preventing signature verification

Summary The AxonFlow SDK's WebhookSubscription or equivalent type did not expose the HMAC-SHA256 signing key returned by the platform's CreateWebhook endpoint. Without access to the secret through the typed SDK API, callers had no path to verify the X-AxonFlow-Signature header on incoming webhook...

5.8AI score
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.5 views

RHEL 7 / 8 / 9 : Red Hat JBoss Enterprise Application Platform 7.4.24 (RHSA-2026:12267)

The remote Redhat Enterprise Linux 7 / 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:12267 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This...

9.9CVSS5.8AI score0.00691EPSS
Exploits0References8
NVD
NVD
added 2026/04/30 9:16 p.m.12 views

CVE-2026-41263

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a timing side-channel vulnerability in Traefik's BasicAuth middleware that allows an attacker to enumerate valid usernames through response-time differences. The variable intended to ho...

6.3CVSS0.00369EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/30 8:39 p.m.6 views

CVE-2026-41263 Traefik: BasicAuth middleware: timing side-channel vulnerability

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a timing side-channel vulnerability in Traefik's BasicAuth middleware that allows an attacker to enumerate valid usernames through response-time differences. The variable intended to ho...

6.3CVSS5.7AI score0.00369EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/30 8:39 p.m.36 views

CVE-2026-41263 Traefik: BasicAuth middleware: timing side-channel vulnerability

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a timing side-channel vulnerability in Traefik's BasicAuth middleware that allows an attacker to enumerate valid usernames through response-time differences. The variable intended to ho...

6.3CVSS0.00369EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/30 11:14 a.m.9 views

bouncycastle: BC-JAVA: private key leakage via non-constant time comparisons

A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA core. A covert timing channel vulnerability, caused by non-constant time comparisons, risks the leakage of private keys in the FrodoKEM implementation. An unauthenticated, remote attacker can potentially exploit this timing discrepancy ...

9.9CVSS5.4AI score0.00691EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/30 11:14 a.m.9 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.24 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.9CVSS5.3AI score0.00691EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/30 11:9 a.m.9 views

bouncycastle: BC-JAVA: private key leakage via non-constant time comparisons

A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA core. A covert timing channel vulnerability, caused by non-constant time comparisons, risks the leakage of private keys in the FrodoKEM implementation. An unauthenticated, remote attacker can potentially exploit this timing discrepancy ...

9.9CVSS5.4AI score0.00691EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/30 11:9 a.m.9 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.24 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.9CVSS5.3AI score0.00691EPSS
Exploits0References6
Rows per page
Query Builder