8 matches found
CLSA-2026-1779373661 iperf3: Fix of CVE-2024-26306
CVE-2024-26306: use OAEP padding instead of PKCS1 padding for OpenSSL to address timing side-channel in RSA authentication. Note: peers running patched and unpatched iperf3 will fail to authenticate unless the legacy behavior is explicitly opted into via --use-pkcs1-padding on both ends...
CVE-2025-68698
Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, Jervis uses PKCS1Encoding which is vulnerable to Bleichenbacher padding oracle attacks. Modern systems should use OAEP (Optimal Asymmetric Encryption Padding). This vulnerability is fixed in 2.2...
CVE-2025-9071
Erroneously using an all-zero seed for RSA-OAEP padding instead of the generated random bytes, in Oberon microsystems AG’s Oberon PSA Crypto library in all versions up to 1.5.1, results in deterministic RSA and thus in a loss of confidentiality for guessable messages, recognition of repeated...
CVE-2025-9071
The CVE-2025-9071 entry concerns Oberon Microsystems’ Oberon PSA Crypto library (all versions up to 1.5.1). The root cause is using an all-zero seed for RSA-OAEP padding instead of the generated random bytes, making RSA deterministic. This leads to confidentiality loss for guessable messages, rec...
PT-2025-35197
Name of the Vulnerable Software and Affected Versions: Oberon PSA Crypto Library versions prior to 1.6. Description: The software uses an all-zero seed for RSA-OAEP padding instead of generated random bytes. This results in deterministic RSA, leading to a loss of confidentiality for guessable...
nss: timing attack against RSA decryption
It was discovered that the numerical library used in NSS for RSA cryptography leaks information about whether high-order bits of the RSA decryption result are zero. This information can be used to mount a Bleichenbacher- or Manger-like attack against all RSA decryption operations. As the leak happens...
in w7corp/easywechat
✍️ Description: The method encryptsensitiveinformation in BaseClient.php uses the RSA algorithm without OAEP padding, thereby making the encryption weak. In order to use RSA securely, the OAEP padding mode (Optimal Asymmetric Encryption Padding) must be used. This category was derived from the Cigita...
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
apache-commons-collections jss 4.8.1-2 - Bug 1932803 - HSM + FIPS: CMCRequest with a shared secret resulting in error 4.8.1-1 - Rebase to upstream JSS v4.8.1 - Red Hat Bugzilla 1908541 - jss broke SCEP - missing PasswordChallenge class - Red Hat Bugzilla 1489256 - RFE jss should support RSA with OA...