Lucene search
K

4 matches found

Snyk
Snyk
added 2026/04/10 10:9 p.m.4 views

Timing Attack

Overview phpseclib/phpseclib is a PHP Secure Communications Library - Pure-PHP implementations of RSA, AES, SSH2, SFTP, X.509 etc. Affected versions of this package are vulnerable to Timing Attack via the getbinarypacket function. An attacker can potentially infer sensitive information about the...

6.3CVSS5.8AI score0.00334EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/06 9:21 p.m.34 views

CVE-2025-68621 Trilium Notes has a Timing Attack Vulnerability in /api/login/sync

Trilium Notes is an open-source, cross-platform hierarchical note taking application with focus on building large personal knowledge bases. Prior to 0.101.0, a critical timing attack vulnerability in Trilium's sync authentication endpoint allows unauthenticated remote attackers to recover HMAC...

7.4CVSS0.00509EPSS
Exploits2References2
OSV
OSV
added 2025/06/02 5:15 p.m.1 views

DEBIAN-CVE-2025-48995

SignXML is an implementation of the W3C XML Signature standard in Python. When verifying signatures with X509 certificate validation turned off and HMAC shared secret set signxml.XMLVerifier.verifyrequirex509=False, hmackey=..., versions of SignXML prior to 4.0.4 are vulnerable to a potential...

6.9CVSS5.3AI score0.00199EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2023/02/14 12:0 a.m.4 views

VulnCheck KEV: CVE-2013-4786

The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol RAKP authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC...

7.8CVSS7.2AI score0.81802EPSS
Exploits2References1
Rows per page
Query Builder