Lucene search
+L

9 matches found

OSV
OSV
added 2025/11/21 3:59 p.m.12 views

JLSEC-2025-232 Side channel in RSA key generation and operations (SSBleed, M-Step)

Vulnerability Mbed TLS's modular inversion routine and GCD routine are vulnerable to local timing attacks in a number of settings discussed below. These functions are used in RSA, making the following operations vulnerable in all configurations: - RSA key generation with any API mbedtlsrsagenkey...

6.2CVSS7.1AI score0.00206EPSS
Exploits1References2
AlpineLinux
AlpineLinux
added 2025/10/20 12:0 a.m.6 views

CVE-2025-54764

Mbed TLS before 3.6.5 allows a local timing attack against certain RSA operations, and direct calls to mbedtlsmpimodinv or mbedtlsmpigcd...

6.2CVSS6.6AI score0.00206EPSS
Exploits1
Debian CVE
Debian CVE
added 2025/10/20 12:0 a.m.8 views

CVE-2025-54764

Mbed TLS before 3.6.5 allows a local timing attack against certain RSA operations, and direct calls to mbedtlsmpimodinv or mbedtlsmpigcd...

6.2CVSS4.3AI score0.00206EPSS
Exploits1
CNNVD
CNNVD
added 2025/10/20 12:0 a.m.6 views

Mbed TLS 安全漏洞

Mbed TLS is an open source, portable, easy to use, readable and flexible SSL library from Mbed TLS Open Source. A security vulnerability exists in Mbed TLS versions prior to 3.6.5 that stems from a local timing attack and a direct call to mbedtlsmpimodinv or mbedtlsmpigcd, which could lead to...

6.2CVSS5.8AI score0.00206EPSS
Exploits1References3
OSV
OSV
added 2025/10/20 12:0 a.m.10 views

CVE-2025-54764

Mbed TLS before 3.6.5 allows a local timing attack against certain RSA operations, and direct calls to mbedtlsmpimodinv or mbedtlsmpigcd...

6.2CVSS6.6AI score0.00206EPSS
Exploits1References4
Oracle linux
Oracle linux
added 2019/03/13 12:0 a.m.320 views

openssl security update

1.0.2k-16.0.1.el76.1 - Bump release for rebuild. 1.0.2k-16.1 - use SHA-256 in FIPS RSA pairwise key check - fix CVE-2018-5407 - EC signature local timing side-channel key extraction 1.0.2k-16 - fix CVE-2018-0495 - ROHNP - Key Extraction Side Channel on DSA, ECDSA - fix incorrect error message on...

10CVSS0.5AI score0.99999EPSS
Exploits183
Tenable Nessus
Tenable Nessus
added 2018/12/17 12:0 a.m.29 views

FreeBSD : Mbed TLS -- Local timing attack on RSA decryption (293f40a0-ffa1-11e8-b258-0011d823eebd)

Janos Follath reports : An attacker who can run code on the same machine that is performing an RSA decryption can potentially recover the plaintext through a Bleichenbacher-like oracle. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the...

4.7CVSS5.8AI score0.00336EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2018/01/04 12:0 a.m.53 views

Debian: Security Advisory (DLA-814-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.4AI score0.57595EPSS
Exploits2References3
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

QNX 6.1 TimeCreate Local Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6114/info A denial of service vulnerability has been discovered in QNX. It has been reported that it is possible for unprivileged users to cause QNX systems to stop responding, by creating multiple timers containing...

7.1AI score
Exploits0
Rows per page
Query Builder