10 matches found
EUVD-2023-45617
Malicious code in bioql PyPI...
CVE-2023-41097
An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.This issue affects GSDK: through 4.4.0...
CVE-2023-41097
An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.This issue affects GSDK: through 4.4.0...
Buffer overflow
An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.This issue affects GSDK: through 4.4.0...
CVE-2023-41097
CVE-2023-41097 concerns Silicon Labs Gecko SDK (GSDK) on ARM, where an Observable Timing Discrepancy could enable a Padding Oracle crypto attack against CBC PKCS7. Affected component is the GSDK up to and including version 4.4.0. The root cause is a timing discrepancy that leaks information durin...
CVE-2023-41097 Potential Timing vulnerability in CBC PKCS7 padding calculations
An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.This issue affects GSDK: through 4.4.0...
Security Bulletin: IBM Copy Services Manager is vulnerable to crypto attack vulnerabilities due to IBM Java 8 vulnerabilities.
Summary IBM Copy Services Manager is vulnerable to the listed attack vectors in the bundled depencency IBM Java 8.0.7.0 through 8.0.7.11. IBM Java is used by IBM Copy Services Manager as a code base and virtal machine runtime. The following vulnerabilities have been identified: CVE-2023-30441...
HTTPS SSL encryption Vulnerable To Crypto Attack
HTTPS SSL encryption Vulnerable To Crypto Attack The secure sockets layer SSL and transport layer security TLS encryption protocol, used by millions of websites to secure Web communications via HTTPS, is vulnerable to being decrypted by attackers. Researchers have discovered a serious weakness in...
ASP.NET Hack
There were a lot of excellent talks at conferences this year, but perhaps the most interesting and far-reaching presentation was one given by researchers Thai Duong and Juliano Rizzo at Ekoparty on a crypto attack against ASP.NET applications. The “padding oracle” attack that the pair implemented...
'Padding Oracle' Crypto Attack Affects Millions of ASP.NET Apps
A pair of security researchers have implemented an attack that exploits the way that ASP.NET Web applications handle encrypted session cookies, a weakness that could enable an attacker to hijack users’ online banking sessions and cause other severe problems in vulnerable applications. Experts say...