Lucene search
K

28 matches found

Tenable Nessus
Tenable Nessus
added 2023/02/22 12:0 a.m.45 views

Debian dla-3327 : libnss3 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3327 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3327-1 [email protected]...

9.1CVSS7.9AI score0.01541EPSS
Exploits0References12
F5 Networks
F5 Networks
added 2023/02/21 6:59 p.m.68 views

K61267093: Multiple NSS vulnerabilities CVE-2020-6829, CVE-2020-12400, CVE-2020-12401, and CVE-2020-12402

Security Advisory Description CVE-2020-6829 When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the...

5.3CVSS6.9AI score0.01449EPSS
Exploits0Affected Software2
OpenVAS
OpenVAS
added 2023/02/21 12:0 a.m.32 views

Debian: Security Advisory (DLA-3327-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.4AI score0.01541EPSS
Exploits0References4
Debian
Debian
added 2023/02/20 3:16 p.m.50 views

[SECURITY] [DLA 3327-1] nss security update

Debian LTS Advisory DLA-3327-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany February 20, 2023 https://wiki.debian.org/LTS Package : nss Version : 2:3.42.1-1+deb10u6 CVE ID : CVE-2020-6829 CVE-2020-12400 CVE-2020-12401 CVE-2020-12403 CVE-2023-0767 Multiple...

9.1CVSS7.1AI score0.01541EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.34 views

Mageia: Security Advisory (MGASA-2020-0318)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.7AI score0.0779EPSS
Exploits6References9
Tenable Nessus
Tenable Nessus
added 2021/10/27 12:0 a.m.41 views

NewStart CGSL MAIN 6.02 : nss Multiple Vulnerabilities (NS-SA-2021-0121)

The remote NewStart CGSL host, running version MAIN 6.02, has nss packages installed that are affected by multiple vulnerabilities: - When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel...

9.1CVSS7.2AI score0.01541EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2021/05/01 12:0 a.m.30 views

CentOS: Security Advisory for nss (CESA-2020:4076)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

10CVSS7.8AI score0.03552EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/02/18 12:0 a.m.37 views

Oracle Linux 8 : nss (ELSA-2021-0538)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-0538 advisory. - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC. Tenable has extracted the preceding...

9.1CVSS7.4AI score0.01541EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/02/16 2:33 p.m.235 views

Moderate: Red Hat Security Advisory: nss security and bug fix update

An update for nss is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

9.1CVSS6.5AI score0.01541EPSS
Exploits0References8
NVD
NVD
added 2020/10/28 12:15 p.m.28 views

CVE-2020-6829

When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed. This...

5.3CVSS5.8AI score0.01449EPSS
Exploits0References4
OSV
OSV
added 2020/10/28 12:15 p.m.37 views

CVE-2020-6829

When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed. This...

5.3CVSS1.9AI score
Exploits0References4
OSV
OSV
added 2020/10/28 12:15 p.m.3 views

DEBIAN-CVE-2020-6829

When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed. This...

5.3CVSS6.6AI score0.01449EPSS
Exploits0References1
CVE
CVE
added 2020/10/28 12:0 a.m.319 views

CVE-2020-6829

CVE-2020-6829 is a vulnerability in NSS (Network Security Services) libraries (nss, nss-util, nss-softokn, nspr) where the wNAF scalar point multiplication during ECDSA signature generation leaks partial nonce information. This side-channel can enable an attacker with electromagnetic traces from ...

5.3CVSS5.5AI score0.01449EPSS
Exploits0References4Affected Software1
AlpineLinux
AlpineLinux
added 2020/10/28 12:0 a.m.43 views

CVE-2020-6829

When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed. This...

5.3CVSS6AI score0.01449EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/10/21 12:0 a.m.57 views

Scientific Linux Security Update : nss and nspr on SL7.x x86_64 (20201001)

Security Fixes : - nss: Out-of-bounds read when importing curve25519 private key CVE-2019-11719 - nss: Use-after-free in sftkFreeSession due to improper refcounting CVE-2019-11756 - nss: Check length of inputs for cryptographic primitives CVE-2019-17006 - nss: Side channel attack on ECDSA signatu...

10CVSS7.1AI score0.03552EPSS
Exploits1References11
Oracle linux
Oracle linux
added 2020/10/08 12:0 a.m.145 views

nss and nspr security, bug fix, and enhancement update

nspr 4.25.0-2 - Rebuild to fix wrong dist tag 4.25.0-1 - Rebase to NSPR 4.25 nss 3.53.1-3 - Disable dh timing test because it's unreliable on s390 from Bob Relyea - Explicitly enable upgradedb/sharedb test cycles 3.53.1-2 - Disable TLS 1.3 by default 3.53.1-1 - Rebase to NSS 3.53.1 3.44.0-8 -...

10CVSS0.9AI score0.03552EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2020/09/30 12:0 a.m.68 views

Debian DLA-2388-1 : nss security update

Various vulnerabilities were fixed in nss, the Network Security Service libraries. CVE-2018-12404 Cache side-channel variant of the Bleichenbacher attack. CVE-2018-18508 NULL pointer dereference in several CMS functions resulting in a denial of service. CVE-2019-11719 Out-of-bounds read when...

10CVSS7.2AI score0.44398EPSS
Exploits2References16
RedHat Linux
RedHat Linux
added 2020/09/29 10:31 p.m.377 views

Moderate: Red Hat Security Advisory: nss and nspr security, bug fix, and enhancement update

An update for nss, nss-softokn, nss-util, and nspr is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

10CVSS6.6AI score0.03552EPSS
Exploits1References17
OpenVAS
OpenVAS
added 2020/09/02 12:0 a.m.49 views

Mozilla Firefox Security Advisories (MFSA2020-36, MFSA2020-38) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

9.3CVSS7.1AI score0.02716EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2020/09/02 12:0 a.m.29 views

Mozilla Firefox Security Advisories (MFSA2020-36, MFSA2020-38) - Mac OS X

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

9.3CVSS7.1AI score0.02716EPSS
Exploits2References1
Rows per page
Query Builder