2929 matches found
Design/Logic Flaw
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS1 v1.5 padding...
CVE-2023-5981
CVE-2023-5981 affects GnuTLS via timing side-channel in RSA-PSK ClientKeyExchange, potentially leaking data. Connected docs show affected gnutls versions before 3.7.11-1 (CBLMARINER: CVE-2023-5981 affecting package gnutls for versions less than 3.7.11-1) and note CVE-2024-0553 as an incomplete re...
CVE-2023-5981 Gnutls: timing side-channel in the rsa-psk authentication
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS1 v1.5 padding...
CVE-2023-5981
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS1 v1.5 padding...
CVE-2023-5981
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS1 v1.5 padding...
PT-2024-14854 · Opensc +10 · Opensc +10
Name of the Vulnerable Software and Affected Versions: OpenSC affected versions not specified Description: A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant, potentially resulting in the leak of private data. Recommendations: A...
GHSA-QC4J-HRJ6-CPPF upydev has weak encryption padding
An issue in /upydev/keygen.py in upydev v0.4.3 allows attackers to decrypt sensitive information via weak encryption padding...
upydev has weak encryption padding
An issue in /upydev/keygen.py in upydev v0.4.3 allows attackers to decrypt sensitive information via weak encryption padding...
CVE-2023-48051
An issue in /upydev/keygen.py in upydev v0.4.3 allows attackers to decrypt sensitive information via weak encryption padding...
CVE-2023-48051
An issue in /upydev/keygen.py in upydev v0.4.3 allows attackers to decrypt sensitive information via weak encryption padding...
CVE-2023-48051
An issue in /upydev/keygen.py in upydev v0.4.3 allows attackers to decrypt sensitive information via weak encryption padding...
Information disclosure
An issue in /upydev/keygen.py in upydev v0.4.3 allows attackers to decrypt sensitive information via weak encryption padding...
PYSEC-2023-302
An issue in /upydev/keygen.py in upydev v0.4.3 allows attackers to decrypt sensitive information via weak encryption padding...
uPydev Security Vulnerabilities
uPydev is a command line tool by the individual developer Carglglz. A security vulnerability exists in uPydev version v0.4.3. An attacker exploited the vulnerability to decrypt sensitive information via weak cryptographic padding...
CVE-2023-48051
CVE-2023-48051 affects upydev v0.4.3 in /upydev/keygen.py. The issue is weak encryption padding (PKCS1v1.5) that could allow an attacker to decrypt sensitive information, with Bleichenbacher-style implications. CVSS v3.1 base score 7.5 (HIGH); attack vector network, no privileges required, no use...
CVE-2023-48051
An issue in /upydev/keygen.py in upydev v0.4.3 allows attackers to decrypt sensitive information via weak encryption padding...
SUSE CVE-2023-5981
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS1 v1.5 padding...
UBUNTU-CVE-2023-5981
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS1 v1.5 padding...
CVE-2023-5981
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS1 v1.5 padding...
Padre - Blazing Fast, Advanced Padding Oracle Exploit
padre is an advanced exploiter for Padding Oracle attacks against CBC mode encryption Features: blazing fast, concurrent implementation decryption of tokens encryption of arbitrary data automatic fingerprinting of padding oracles automatic detection of cipher block length HINTS! if failure occurs...