CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

An attacker with physical access to Nuvoton Trusted Platform Module NPCT75x 7.2.x before 7.2.2.0 could extract an Elliptic Curve Cryptography ECC private key via a side-channel attack against ECDSA, because of an Observable Timing Discrepancy...

3.8CVSS6.5AI score0.00207EPSS

Exploits0

RedhatCVE•added 2025/05/22 11:47 a.m.•4 views

CVE-2016-15015

A vulnerability, which was classified as problematic, was found in viafintech Barzahlen Payment Module PHP SDK up to 2.0.0. Affected is the function verify of the file src/Webhook.php. The manipulation leads to observable timing discrepancy. The complexity of an attack is rather high. The...

5.3CVSS6.9AI score0.00625EPSS

Exploits0References1

OSV•added 2025/04/22 4:56 p.m.•2 views

GO-2025-3618 Mattermost vulnerable to Observable Timing Discrepancy in github.com/mattermost/mattermost-plugin-msteams

Mattermost vulnerable to Observable Timing Discrepancy in github.com/mattermost/mattermost-plugin-msteams. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...

5.9CVSS6.6AI score0.0027EPSS

Exploits0References3

Github Security Blog•added 2025/04/16 12:31 p.m.•10 views

Mattermost vulnerable to Observable Timing Discrepancy

Mattermost Plugin MSTeams versions 2.1.0 and Mattermost Server versions 10.5.x =10.5.1 with the MS Teams plugin enabled fail to perform constant time comparison on a MSTeams plugin webhook secret which allows an attacker to retrieve the webhook secret of the MSTeams plugin via a timing attack...

5.9CVSS6.7AI score0.0027EPSS

Exploits0References4Affected Software2

NVD•added 2024/09/04 3:15 a.m.•8 views

CVE-2024-39921

Observable timing discrepancy issue exists in IPCOM EX2 Series V01L02NF0001 to V01L06NF0401, V01L20NF0001 to V01L20NF0401, V02L20NF0001 to V02L21NF0301, and IPCOM VE2 Series V01L04NF0001 to V01L06NF0112. If this vulnerability is exploited, some of the encrypted communication may be decrypted by a...

7.5CVSS0.00427EPSS

Exploits0References2

CVE•added 2024/09/04 1:51 a.m.•55 views

CVE-2024-39921

CVE-2024-39921 describes an information-disclosure vulnerability in IPCOM EX2 Series (V01L02NF0001–V01L06NF0401, V01L20NF0001–V01L20NF0401, V02L20NF0001–V02L21NF0301) and IPCOM VE2 Series (V01L04NF0001–V01L06NF0112). The issue is an observable timing discrepancy that can allow an attacker to decr...

7.5CVSS6.7AI score0.00427EPSS

Exploits0References2Affected Software1

OSV•added 2024/08/20 8:29 p.m.•13 views

GO-2023-1661 Answer has Observable Timing Discrepancy in github.com/answerdev/answer

Answer has Observable Timing Discrepancy in github.com/answerdev/answer...

5.3CVSS5.2AI score0.00639EPSS

Exploits1References4

OSV•added 2024/08/20 8:25 p.m.•9 views

GO-2023-1294 easy-scrypt Observable Timing Discrepancy vulnerability in github.com/agnivade/easy-scrypt

easy-scrypt Observable Timing Discrepancy vulnerability in github.com/agnivade/easy-scrypt...

5.3CVSS5.2AI score0.00704EPSS

Exploits0References6

OSV•added 2024/08/13 6:59 p.m.•11 views

GHSA-RFXF-MF63-CPQV open-telemetry has an Observable Timing Discrepancy

Summary The bearertokenauth extension's server authenticator performs a simple, non-constant time string comparison of the received & configured bearer tokens. Details...

6.9CVSS6.3AI score0.0062EPSS

Exploits0References5

Github Security Blog•added 2024/06/05 4:56 p.m.•24 views

Observable Timing Discrepancy in pypqc

Impact kyber512, kyber768, and kyber1024 on Mac OS \or when compiled with clang\ only: An attacker able to submit many decapsulation requests against a single private key, and to gain timing information about the decapsulation, could recover the private key. Proof-of-concept exploit exists for a...

7AI score

Exploits0References3Affected Software1

NVD•added 2024/05/22 6:15 a.m.•12 views

CVE-2020-35165

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability...

5.1CVSS5.3AI score0.00152EPSS

Exploits0References1

Vulnrichment•added 2024/05/22 5:56 a.m.•12 views

CVE-2020-35165

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability...

5.1CVSS7AI score0.00152EPSS

Exploits0References1

NVD•added 2024/02/02 4:15 p.m.•10 views

CVE-2021-21575

Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability...

9.8CVSS6.7AI score0.00529EPSS

Exploits0References1

CVE•added 2024/02/02 3:53 p.m.•53 views

CVE-2021-21575

CVE-2021-21575 affects Dell BSAFE Micro Edition Suite, versions prior to 4.5.2. The vulnerability is described as an Observable Timing Discrepancy leading to information disclosure. Public sources in connected documents corroborate: vulnerable component is the Dell BSAFE Micro Edition Suite, with...

9.8CVSS9.4AI score0.00529EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2024/02/02 3:53 p.m.•17 views

CVE-2021-21575

Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability...

5.9CVSS6.9AI score0.00529EPSS

Exploits0References1

NVD•added 2023/12/21 9:15 p.m.•12 views

CVE-2023-41097

An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.This issue affects GSDK: through 4.4.0...

7.5CVSS0.00298EPSS

Exploits0References2

Prion•added 2023/12/21 9:15 p.m.•23 views

Buffer overflow

An Observable Timing Discrepancy, Covert Timing Channel vulnerability in Silabs GSDK on ARM potentially allows Padding Oracle Crypto Attack on CBC PKCS7.This issue affects GSDK: through 4.4.0...

5CVSS6.9AI score0.00298EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by