Lucene search
K

16 matches found

Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.231 views

RHEL 8 : openssl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openssl: the crehash script allows command injection CVE-2022-2068 - The OpenSSL DSA signature algorithm...

8.7AI score0.95764EPSS
Exploits10References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:31 a.m.3 views

SUSE CVE-2018-5407

Simultaneous Multi-threading SMT in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'...

4.8CVSS6.4AI score0.03418EPSS
Exploits4References41
CNVD
CNVD
added 2020/09/25 12:0 a.m.2 views

Cisco IOS XE Denial of Service Vulnerability (CNVD-2020-72733)

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A denial of service vulnerability exists in the IP Service Level Agreement SLA response program feature of Cisco IOS XE. The vulnerability stems from the possibility that the IP S...

8.6CVSS6.6AI score0.01275EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.29 views

Huawei EulerOS: Security Advisory for openssl110f (EulerOS-SA-2019-2430)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.6AI score0.12154EPSS
Exploits4References2
Mageia
Mageia
added 2018/11/27 3:26 p.m.59 views

Updated openssl packages fix security vulnerabilities

The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a Affected 1.1.1. Fixed in OpenSSL 1.1.0j Affected 1.1.0-1.1.0i. Fixed in OpenSSL 1.0.2q...

5.9CVSS6AI score0.12154EPSS
Exploits4References3
NVD
NVD
added 2018/11/15 9:29 p.m.18 views

CVE-2018-5407

Simultaneous Multi-threading SMT in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'...

4.7CVSS6AI score0.03418EPSS
Exploits4References28
Prion
Prion
added 2018/11/15 9:29 p.m.29 views

Design/Logic Flaw

Simultaneous Multi-threading SMT in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'...

1.9CVSS5AI score0.03418EPSS
Exploits4References28Affected Software20
OSV
OSV
added 2018/11/15 9:29 p.m.2 views

DEBIAN-CVE-2018-5407

Simultaneous Multi-threading SMT in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'...

4.7CVSS7.3AI score0.03418EPSS
Exploits4References1
OSV
OSV
added 2018/11/15 9:29 p.m.2 views

ALPINE-CVE-2018-5407

Simultaneous Multi-threading SMT in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'...

4.7CVSS6.5AI score0.03418EPSS
Exploits4References1
CVE
CVE
added 2018/11/15 9:0 p.m.672 views

CVE-2018-5407

CVE-2018-5407 is a PortSmash timing-side channel vulnerability in SMT/Hyper-Threading affecting OpenSSL. Local attackers could exploit a timing leakage during cryptographic operations to gain information. Documented in multiple advisories (e.g., ALAS/ALAS2 for OpenSSL) with remediation stating to...

4.7CVSS5.6AI score0.03418EPSS
Exploits4References28Affected Software1
Cvelist
Cvelist
added 2018/11/15 9:0 p.m.40 views

CVE-2018-5407

Simultaneous Multi-threading SMT in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'...

5.7AI score0.03418EPSS
Exploits4References28
Debian CVE
Debian CVE
added 2018/11/15 9:0 p.m.52 views

CVE-2018-5407

Simultaneous Multi-threading SMT in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'...

4.7CVSS6.4AI score0.03418EPSS
Exploits4
AlpineLinux
AlpineLinux
added 2018/11/15 9:0 p.m.47 views

CVE-2018-5407

Simultaneous Multi-threading SMT in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'...

4.7CVSS6AI score0.03418EPSS
Exploits4
UbuntuCve
UbuntuCve
added 2018/11/15 12:0 a.m.32 views

CVE-2018-5407

Simultaneous Multi-threading SMT in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'...

4.7CVSS6.9AI score0.03418EPSS
Exploits4References4
OSV
OSV
added 2018/11/15 12:0 a.m.3 views

UBUNTU-CVE-2018-5407

Simultaneous Multi-threading SMT in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'...

4.7CVSS6.7AI score0.03418EPSS
Exploits4References5
The Hacker News
The Hacker News
added 2018/11/04 9:24 a.m.1 views

New Intel CPU Flaw Exploits Hyper-Threading to Steal Encrypted Data

A team of security researchers has discovered another serious side-channel vulnerability in Intel CPUs that could allow an attacker to sniff out sensitive protected data, like passwords and cryptographic keys, from other processes running in the same CPU core with simultaneous multi-threading...

4.7CVSS9.4AI score0.03418EPSS
Exploits4
Rows per page
Query Builder