Lucene search
K

4 matches found

Snyk
Snyk
added 2024/08/29 11:44 p.m.2 views

Fault Injection

Overview Affected versions of this package are vulnerable to Fault Injection through the RsaPrivateDecryption function. An attacker can disclose sensitive information and escalate privileges by exploiting the Rowhammer fault injection technique to manipulate the RsaKey structure. Remediation...

8.8CVSS7.5AI score0.00544EPSS
Exploits0References2
OSV
OSV
added 2024/08/29 11:15 p.m.1 views

DEBIAN-CVE-2024-1545

Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the...

8.8CVSS5.5AI score0.00544EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/08/27 12:0 a.m.7 views

The vulnerability of the openssl_private_decrypt() function in the PKCS1 Padding Handler component of the PHP programming language interpreter allows a attacker to execute a Marvin attack.

The vulnerability of the opensslprivatedecrypt function in the PKCS1 Padding Handler component of the PHP programming language interpreter is related to the use of an OpenSSL version that does not include the changes required by the RSAPKCS1IMPLICITREJECTION request. Exploiting this vulnerability...

5.9CVSS6.5AI score0.01158EPSS
Exploits1References9Affected Software5
Positive Technologies
Positive Technologies
added 2024/04/04 12:0 a.m.5 views

PT-2024-18128

Name of the Vulnerable Software and Affected Versions WolfSSL version 5.6.6 Description A Fault Injection vulnerability in the RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c allows a remote attacker co-residing in the same system with a victim process to disclose information and...

8.8CVSS5.9AI score0.00544EPSS
Exploits0References16
Rows per page
Query Builder