76 matches found
EulerOS Virtualization 2.10.0 : openssl (EulerOS-SA-2026-1187)
According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bound...
MiracleLinux 8 : libgcrypt-1.8.5-4.el8 (AXSA:2020-1018:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-1018:01 advisory. libgcrypt: ECDSA timing attack allowing private key leak CVE-2019-13627 Tenable has extracted the preceding description block directly from the MiracleLinux...
Medium: aws-cfn-bootstrap
Issue Overview: Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDSA signature computations could allow recovering the private key by an attacker. However, measuring...
Siemens SIMATIC S7-1500 Observable Discrepancy (CVE-2019-13627)
It was discovered that there was an ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7. This plugin only works with Tenable.ot. Please visit...
EUVD-2019-5059
Malware in sbrugna...
EUVD-2019-5060
Malware in sbrugna...
EUVD-2018-1545
Malware in sbrugna...
RHEL 10 : mysql-selinux and mysql8.4 (RHSA-2025:15699)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:15699 advisory. MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld an...
ALSA-2025:15699 Moderate: mysql-selinux and mysql8.4 security update
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. Security Fixes: openssl:...
Linux Distros Unpatched Vulnerability : CVE-2022-48570
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypto++ through 8.4 contains a timing side channel in ECDSA signature generation. Function FixedSizeAllocatorWithCleanup could write to memory outside of the...
Linux Distros Unpatched Vulnerability : CVE-2019-14318
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypto++ 8.3.0 and earlier contains a timing side channel in ECDSA signature generation. This allows a local or remote attacker, able to measure the duration of...
SUSE-SU-2025:02042-1 Security update for openssl-3
This update for openssl-3 fixes the following issues: - CVE-2025-27587: timing side-channel vulnerability in the P-384 implementation when used with ECDSA bsc1243459. - CVE-2024-12797: Fixed that RFC7250 handshakes with unauthenticated servers don't abort as expected. bsc1236599 - CVE-2024-13176:...
SUSE-SU-2025:20406-1 Security update for openssl-3
This update for openssl-3 fixes the following issues: - CVE-2025-27587: Fixed Minerva side channel vulnerability in P-384 on PPC arch bsc1240366 - CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation bsc1236136...
[SECURITY] [DLA 4176-1] openssl security update
Debian LTS Advisory DLA-4176-1 https://www.debian.org/lts/security/ Adrian Bunk May 24, 2025 https://wiki.debian.org/LTS -...
CVE-2020-17478
ECDSA/EC/Point.pm in Crypt::Perl before 0.33 does not properly consider timing attacks against the EC point multiplication algorithm...
Security update for openssl-1_1
This update for openssl-1_1 fixes the following issues: CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation bsc1236136. Other bugfixes: Non approved PBKDF parameters wrongly resulting as approved bsc1236771. Patch Instructions: To install this SUSE update use the SUSE...
EulerOS 2.0 SP10 : openssl (EulerOS-SA-2025-1532)
According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact...
Security update for openssl-1_1
This update for openssl-1_1 fixes the following issues: CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation bsc1236136. Other bugfixes: Non approved PBKDF parameters wrongly resulting as approved bsc1236771. Patch Instructions: To install this SUSE update use the SUSE...
Tenable Sensor Proxy < 1.2.0 Multiple Vulnerabilities (TNS-2025-08)
According to its self-reported version, the Tenable Sensor Proxy running on the remote host is less than 1.2.0. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2025-08 advisory. - Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. CVE-2019-162...
Tenable Identity Exposure < 3.77.11 Multiple Vulnerabilities (TNS-2025-07)
The version of the Tenable Identity Exposure running on the remote host is prior to 3.77.11. It is, therefore, affected by multiple vulnerabilities according to advisory TNS-2025-07, including the following: - Issue summary: Clients using RFC7250 Raw Public Keys RPKs to authenticate a server may...