50 matches found
MiracleLinux 8 : libgcrypt-1.8.5-4.el8 (AXSA:2020-1018:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-1018:01 advisory. libgcrypt: ECDSA timing attack allowing private key leak CVE-2019-13627 Tenable has extracted the preceding description block directly from the MiracleLinux...
EUVD-2019-5060
Malware in sbrugna...
EUVD-2019-5059
Malware in sbrugna...
EUVD-2018-1545
Malware in sbrugna...
CVE-2020-17478
ECDSA/EC/Point.pm in Crypt::Perl before 0.33 does not properly consider timing attacks against the EC point multiplication algorithm...
Tenable Sensor Proxy < 1.2.0 Multiple Vulnerabilities (TNS-2025-08)
According to its self-reported version, the Tenable Sensor Proxy running on the remote host is less than 1.2.0. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2025-08 advisory. - Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. CVE-2019-162...
Ubuntu: Security Advisory (USN-4236-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:3392-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:2349-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:2510-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL MAIN 6.02 : libgcrypt Vulnerability (NS-SA-2021-0071)
The remote NewStart CGSL host, running version MAIN 6.02, has libgcrypt packages installed that are affected by a vulnerability: - It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versio...
nss: ECDSA timing attack mitigation bypass
A flaw was found in nss. Using the EM side-channel, it is possible to extract the position of zero and non-zero wNAF digits while nss-certutil tool performs scalar multiplication during the ECDSA signature generation, leaking partial information about the ECDSA nonce. Given a small number of ECDS...
CentOS 8 : libgcrypt (CESA-2020:4482)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:4482 advisory. - libgcrypt: ECDSA timing attack allowing private key leak CVE-2019-13627 Note that Nessus has not tested for this issue but has instead relied only on the...
Moderate: Red Hat Security Advisory: libgcrypt security, bug fix, and enhancement update
An update for libgcrypt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
USN-4236-1: Libgcrypt vulnerability | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that Libgcrypt was susceptible to a ECDSA timing attack. An attacker could possibly use this attack to recover sensitive information. CVEs contained in this USN include: CVE-2019-13627...
USN-4236-2: Libgcrypt vulnerability | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description USN-4236-1 fixed a vulnerability in Libgcrypt. This update provides the corresponding fix for Ubuntu 16.04 LTS. Original advisory details: It was discovered that Libgcrypt was susceptible to a ECDSA timin...
Huawei EulerOS: Security Advisory for libgcrypt (EulerOS-SA-2019-2107)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS : Libgcrypt vulnerability (USN-4236-2)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4236-2 advisory. USN-4236-1 fixed a vulnerability in Libgcrypt. This update provides the corresponding fix for Ubuntu 16.04 LTS. Tenable has extracted the preceding description...
Ubuntu: Security Advisory (USN-4236-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : libgcrypt (openSUSE-2020-22)
This update for libgcrypt fixes the following issues : Security issues fixed : - CVE-2019-13627: Mitigation against an ECDSA timing attack bsc1148987. Bug fixes : - Added CMAC AES self test bsc1155339. - Added CMAC TDES self test missing bsc1155338. - Fix test dsa-rfc6979 in FIPS mode. This updat...