Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

OSV
OSVadded 2026/05/05 2:56 p.m.3 views

ROOT-OS-DEBIAN-12-CVE-2024-23170 CVE-2024-23170 in rootio-mbedtls - Patched by Root

Root has patched CVE-2024-23170 in the rootio-mbedtls package for Root:Debian:12. Multiple fixed versions available...

5.5CVSS5.4AI score0.00312EPSS
Exploits0
OSV
OSVadded 2026/05/05 2:56 p.m.3 views

ROOT-OS-DEBIAN-12-CVE-2025-48965 CVE-2025-48965 in rootio-mbedtls - Patched by Root

Root has patched CVE-2025-48965 in the rootio-mbedtls package for Root:Debian:12. Multiple fixed versions available...

7.5CVSS5.4AI score0.00442EPSS
Exploits0
AstraLinux
AstraLinuxadded 2026/05/03 11:59 p.m.5 views

Astra Linux - уязвимость в mbedtls

Use of a Broken or Risky Cryptographic Algorithm in the function mbedtlsmpiexpmod in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to precise enough timing and memory access information typically an untrusted operating system attacking a...

4.7CVSS5.5AI score0.00163EPSS
Exploits0References1
OSV
OSVadded 2026/04/16 1:34 p.m.4 views

SUSE-SU-2026:1413-1 Security update for ovmf

This update for ovmf fixes the following issue: - CVE-2025-59438: mbedtls: padding oracle attack possible through timing of cipher error reporting bsc1252441...

5.3CVSS5.8AI score0.0024EPSS
Exploits0References3
OSV
OSVadded 2025/07/04 3:15 p.m.5 views

ALPINE-CVE-2025-49600

In MbedTLS 3.3.0 before 3.6.4, mbedtlslmsverify may accept invalid signatures if hash computation fails and internal errors go unchecked, enabling LMS Leighton-Micali Signature forgery in a fault scenario. Specifically, unchecked return values in mbedtlslmsverify allow an attacker who can induce ...

4.9CVSS7.4AI score0.00129EPSS
Exploits0References1
OSV
OSVadded 2024/03/27 8:15 a.m.4 views

AZL-37077 CVE-2024-2466 affecting package curl for versions less than 8.8.0-1

libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate...

6.5CVSS7.2AI score0.01299EPSS
Exploits1References1
Securelist
Securelistadded 2020/11/06 3:23 p.m.27 views

RansomEXX Trojan attacks Linux systems

We recently discovered a new file-encrypting Trojan built as an ELF executable and intended to encrypt data on machines controlled by Linux-based operating systems. After the initial analysis we noticed similarities in the code of the Trojan, the text of the ransom notes and the general approach ...

Exploits0
Positive Technologies
Positive Technologiesadded 2020/09/02 12:0 a.m.3 views

PT-2020-14778 · Arm +2 · Mbed Tls +2

Name of the Vulnerable Software and Affected Versions: Trusted Firmware Mbed TLS versions prior to 2.23.0 Description: A timing side channel in the mbedtls ssl decrypt buf function in the library/ssl msg.c file allows an attacker to recover secret key information. This issue affects CBC mode due ...

9.8CVSS5.8AI score0.02569EPSS
Exploits6References84
Rows per page
Query Builder