Lucene search
K

7 matches found

RedHat Linux
RedHat Linux
added 2019/05/30 2:57 p.m.4 views

ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries

Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the gcryeccecdsasign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. T...

4.7CVSS6.3AI score0.00887EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.34 views

openSUSE Security Update : nodejs8 (openSUSE-2019-718)

This update for nodejs8 to version 8.11.4 fixes the following issues : Security issues fixed : - CVE-2018-12115: Fixed an out-of-bounds memory write in Buffer that could be used to write to memory outside of a Buffer's memory space buffer bsc1105019 - Upgrade to OpenSSL 1.0.2p, which fixed : -...

7.5CVSS6.6AI score0.49268EPSS
Exploits0References5
OPENSUSE Linux
OPENSUSE Linux
added 2018/09/25 3:12 p.m.56 views

Security update for nodejs8 (moderate)

This update for nodejs8 to version 8.11.4 fixes the following issues: Security issues fixed: - CVE-2018-12115: Fixed an out-of-bounds memory write in Buffer that could be used to write to memory outside of a Buffer's memory space buffer bsc1105019 - Upgrade to OpenSSL 1.0.2p, which fixed: -...

5CVSS2.2AI score0.49268EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2018/09/09 12:0 a.m.27 views

openSUSE: Security Advisory for nodejs4 (openSUSE-SU-2018:2667-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS8.2AI score0.49268EPSS
Exploits0References2
OSV
OSV
added 2018/09/07 9:54 a.m.10 views

SUSE-SU-2018:2647-1 Security update for nodejs4

This update for nodejs4 fixes the following issues: Security issues fixed: - CVE-2018-12115: Fixed an out-of-bounds memory write in Buffer that could be used to write to memory outside of a Buffer's memory space buffer bsc1105019 - Upgrade to OpenSSL 1.0.2p, which fixed: - CVE-2018-0732: Client...

7.5CVSS7.7AI score0.49268EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2018/08/28 12:0 a.m.40 views

FreeBSD : node.js -- multiple vulnerabilities (0904e81f-a89d-11e8-afbb-bc5ff4f77b71)

Node.js reports : OpenSSL: Client DoS due to large DH parameter This fixes a potential denial of service DoS attack against client connections by a malicious server. During a TLS communication handshake, where both client and server agree to use a cipher-suite using DH or DHE Diffie-Hellman, in...

7.5CVSS6.6AI score0.49268EPSS
Exploits0References5
OSV
OSV
added 2018/08/15 3:45 p.m.8 views

MGASA-2018-0339 Updated libtomcrypt packages fix security vulnerability

libtomcrypt has been updated to secure it against two security vulnerabilities. A problem in the ASN.1 parser could cause a stack overflow and a resulting denial of service when parsing deeply recursive ASN.1 types CVE-2018-0739. An attacker capable of triggering signatures and mounting a side...

6.5CVSS6.1AI score0.19295EPSS
Exploits1References2
Rows per page
Query Builder