Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.5 views

MiracleLinux 3 : openssl-0.9.8e-26.AXS3.1 (AXSA:2013-126:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-126:01 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries...

5CVSS7.1AI score0.35584EPSS
Exploits2References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-2914

Malware in sbrugna...

5.9CVSS6.1AI score0.03623EPSS
Exploits0References15
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-2913

Malware in sbrugna...

5.9CVSS6.1AI score0.03623EPSS
Exploits0References15
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 2:12 a.m.22 views

Security Bulletin: Lucky 13 Attack Vulnerability in IBM Robotic Process Automation with Automation Anywhere - CVE-2021-29876

Summary The Lucky Thirteen attack is a crystallographic timing attack against implementations of the Transport Layer Security TLS protocol that use the CBC mode of operation. An attacker could perform man in the middle attacks to successfully obtain plain text from the secure channel. Vulnerabili...

6.1AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/05/07 4:56 a.m.29 views

Security Bulletin: A security vulnerability in IBM Websphere affects IBM Tivoli Netcool Performance Manager for Wireline (CVE-2013-0169)

Summary The Lucky Thirteen attack is a cryptographic timing attack against implementations of the Transport Layer Security TLS protocol that use the CBC mode of operation. An attacker could perform main in the middle attacks to successfully obtain plain text from the secure channel. Vulnerability...

0.4AI score0.35584EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2018-1444)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.1AI score0.03623EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2019-1005)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.1AI score0.03623EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/02/14 12:0 a.m.40 views

EulerOS 2.0 SP3 : gnutls (EulerOS-SA-2019-1026)

According to the version of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - gnutls: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls CVE-2018-10844 Note that Tenable Network Security h...

5.9CVSS6.4AI score0.03623EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/01/08 12:0 a.m.33 views

EulerOS 2.0 SP5 : gnutls (EulerOS-SA-2019-1005)

According to the version of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - gnutls: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls CVE-2018-10844 Note that Tenable Network Security h...

5.9CVSS6.4AI score0.03623EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/12/28 12:0 a.m.26 views

EulerOS 2.0 SP2 : gnutls (EulerOS-SA-2018-1444)

According to the version of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - gnutls: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls CVE-2018-10844 Note that Tenable Network Security h...

5.9CVSS6.4AI score0.03623EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/11/07 12:0 a.m.33 views

Oracle Linux 7 : gnutls (ELSA-2018-3050)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-3050 advisory. - Improved counter-measures in TLS CBC record padding for lucky13 attack CVE-2018-10844, 1589704, CVE-2018-10845, 1589707 - Added counter-measures for...

5.9CVSS6.5AI score0.03623EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/10/31 12:0 a.m.82 views

RHEL 7 : gnutls (RHSA-2018:3050)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3050 advisory. The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as...

5.9CVSS6.6AI score0.03623EPSS
Exploits0References16
RedHat Linux
RedHat Linux
added 2018/10/30 10:28 a.m.52 views

Moderate: Red Hat Security Advisory: gnutls security, bug fix, and enhancement update

An update for gnutls is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

5.9CVSS6.4AI score0.03623EPSS
Exploits0References11
OpenVAS
OpenVAS
added 2018/09/25 12:0 a.m.41 views

Debian: Security Advisory (DLA-1518-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.02674EPSS
Exploits0References3
OSV
OSV
added 2018/09/24 10:55 a.m.6 views

SUSE-SU-2018:2842-1 Security update for gnutls

This update for gnutls fixes the following issues: Security issues fixed: - Improved mitigations against Lucky 13 class of attacks - 'Just in Time' PRIME + PROBE cache-based side channel attack can lead to plaintext recovery CVE-2018-10846, bsc1105460 - HMAC-SHA-384 vulnerable to Lucky thirteen...

7.5CVSS6.5AI score0.0499EPSS
Exploits1References9
OSV
OSV
added 2018/09/24 8:10 a.m.7 views

SUSE-SU-2018:2825-1 Security update for gnutls

This update for gnutls fixes the following issues: This update for gnutls fixes the following issues: Security issues fixed: - Improved mitigations against Lucky 13 class of attacks - 'Just in Time' PRIME + PROBE cache-based side channel attack can lead to plaintext recovery CVE-2018-10846,...

7.5CVSS6.5AI score0.0499EPSS
Exploits1References9
OSV
OSV
added 2018/08/22 12:0 a.m.3 views

UBUNTU-CVE-2018-10846

A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets...

5.6CVSS6.5AI score0.00388EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/01/13 12:0 a.m.78 views

IBM Tivoli Directory Server < 6.0.0.72 / 6.1.0.55 / 6.2.0.30 / 6.3.0.22 with GSKit < 7.0.4.45 / 8.0.14.27 TLS Side-Channel Timing Information Disclosure

The remote host is running a version of IBM Tivoli Directory Server and a version of IBM Global Security Kit GSKit that is affected by an information disclosure vulnerability. The Transport Layer Security TLS protocol does not properly consider timing side-channel attacks, which allows remote...

2.6CVSS6.5AI score0.35584EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2013/07/10 12:0 a.m.126 views

IBM GSKit 7.x < 7.0.4.45 / 8.0.14.x < 8.0.14.27 TLS Side-Channel Timing Information Disclosure

The version of IBM Global Security Kit GSKit installed on the remote host is 7.0.x prior to 7.0.4.45 or 8.0.14.x prior to 8.0.14.27. It is, therefore, affected by an information disclosure vulnerability. The Transport Layer Security TLS protocol does not properly consider timing side-channel...

2.6CVSS6.5AI score0.35584EPSS
Exploits1References2
ThreatPost
ThreatPost
added 2013/02/14 4:28 p.m.9 views

CAs Form New Alliance to Focus on Security Issues, Education

A group of large certificate authorities, including some that have been the victims of recent compromises of their CA systems, have formed an alliance designed to develop strategies for strengthening the CA infrastructure through education and industry initiatives. Comodo, DigiCert, Entrust,...

1.8AI score
Exploits0References7
Rows per page
Query Builder