Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:57 a.m.6 views

CVE-2022-38493

Rhonabwy 0.9.99 through 1.1.x before 1.1.7 doesn't check the RSA private key length before RSA-OAEP decryption. This allows attackers to cause a Denial of Service via a crafted JWE JSON Web Encryption token...

7.5CVSS6.7AI score0.00291EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2004-0350

Malware in sbrugna...

2.1CVSS6.4AI score0.00458EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-38493

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rhonabwy 0.9.99 through 1.1.x before 1.1.7 doesn't check the RSA private key length before RSA-OAEP decryption. This allows attackers to cause a Denial of Servi...

7.5CVSS7.3AI score0.00291EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:36 a.m.4 views

SUSE CVE-2021-43398

Crypto++ aka Cryptopp 8.6.0 and earlier contains a timing leakage in MakePublicKey. There is a clear correlation between execution time and private key length, which may cause disclosure of the length information of the private key. This might allow attackers to conduct timing attacks. NOTE: this...

5.3CVSS6.5AI score0.01899EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2022/08/20 8:15 p.m.3 views

CVE-2022-38493

Rhonabwy 0.9.99 through 1.1.x before 1.1.7 doesn't check the RSA private key length before RSA-OAEP decryption. This allows attackers to cause a Denial of Service via a crafted JWE JSON Web Encryption token...

7.5CVSS5.8AI score0.00291EPSS
Exploits0References2
OSV
OSV
added 2022/08/20 8:15 p.m.2 views

UBUNTU-CVE-2022-38493

Rhonabwy 0.9.99 through 1.1.x before 1.1.7 doesn't check the RSA private key length before RSA-OAEP decryption. This allows attackers to cause a Denial of Service via a crafted JWE JSON Web Encryption token...

7.5CVSS5.8AI score0.00291EPSS
Exploits0References3
CVE
CVE
added 2022/08/20 7:41 p.m.67 views

CVE-2022-38493

CVE-2022-38493 affects Rhonabwy 0.9.99 through 1.1.x prior to 1.1.7, where the RSA private key length is not validated before RSA-OAEP decryption. The underlying issue allows an attacker to cause a Denial of Service via a crafted JWE (JSON Web Encryption) token. Multiple connected sources (Red Ha...

7.5CVSS7.3AI score0.00291EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2021/11/04 9:15 p.m.6 views

CVE-2021-43398

Crypto++ aka Cryptopp 8.6.0 and earlier contains a timing leakage in MakePublicKey. There is a clear correlation between execution time and private key length, which may cause disclosure of the length information of the private key. This might allow attackers to conduct timing attacks. NOTE: this...

5.3CVSS5AI score
Exploits0References3
OSV
OSV
added 2021/11/04 9:15 p.m.4 views

UBUNTU-CVE-2021-43398

DISPUTED Crypto++ aka Cryptopp 8.6.0 and earlier contains a timing leakage in MakePublicKey. There is a clear correlation between execution time and private key length, which may cause disclosure of the length information of the private key. This might allow attackers to conduct timing attacks...

5.3CVSS6.2AI score0.01899EPSS
Exploits1References4
Cvelist
Cvelist
added 2021/11/04 8:6 p.m.20 views

CVE-2021-43398

Crypto++ aka Cryptopp 8.6.0 and earlier contains a timing leakage in MakePublicKey. There is a clear correlation between execution time and private key length, which may cause disclosure of the length information of the private key. This might allow attackers to conduct timing attacks. NOTE: this...

5.4AI score0.01899EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/11/04 12:0 a.m.3 views

Crypto++ 安全漏洞

Crypto++ is a C++ cryptographic method library. A security vulnerability exists in Crypto++ a.k.a. Cryptopp versions 8.6.0 and earlier, which stems from the software containing a timing leak in MakePublicKey. There is a significant correlation between the private key execution time and the privat...

5.3CVSS6AI score0.01899EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2021/11/04 12:0 a.m.3 views

PT-2021-23829 · Crypto++ · Crypto++

Name of the Vulnerable Software and Affected Versions: Crypto++ aka Cryptopp versions 8.6.0 and earlier Description: The issue concerns a timing leakage in the MakePublicKey function, where there is a correlation between execution time and private key length. This could potentially allow attacker...

5.3CVSS7AI score0.01899EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2014/11/26 12:0 a.m.249 views

OracleVM 2.2 : openssl (OVMSA-2014-0007)

The remote OracleVM system is missing necessary patches to address critical security updates : - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability - replace expired GlobalSign Root CA certificate in ca-bundle.crt - fix for CVE-2013-0169 - SSL/TLS CBC timing attack 907589 - fix for CVE-2013-0166 ...

10CVSS8AI score0.95326EPSS
Exploits34References20
Rows per page
Query Builder