Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-28498

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package elliptic before 6.5.4 are vulnerable to Cryptographic Issues via the secp256k1 implementation in elliptic/ec/key.js. There is no check to confirm th...

6.8CVSS6.8AI score0.01245EPSS
Exploits0References2
Amazon
Amazon
added 2024/02/19 12:0 a.m.3 views

Medium: nss-softokn

Issue Overview: Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox 121. CVE-2023-6135 Affected Packages: nss-softokn Note: This advisory is applicable...

4.3CVSS8.8AI score0.00714EPSS
Exploits0
Snyk
Snyk
added 2022/05/24 3:21 p.m.1 views

Infinite loop

Overview std/crypto/elliptic is a Go standard library package std/crypto/elliptic Affected versions of this package are vulnerable to Infinite loop. Go Vulnerability Report: via the crypto/elliptic process. An attacker can cause excessive CPU consumption or potentially recover private keys by...

8.8CVSS8.2AI score0.04326EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2019/11/14 11:0 a.m.6 views

Qualcomm Chip Flaws Let Hackers Steal Private Data From Android Devices

Hundreds of millions of devices, especially Android smartphones and tablets, using Qualcomm chipsets, are vulnerable to a new set of potentially serious vulnerabilities. According to a report cybersecurity firm CheckPoint shared with The Hacker News, the flaws could allow attackers to steal...

7.1CVSS7.5AI score0.01589EPSS
Exploits1
OSV
OSV
added 2018/12/06 5:43 p.m.3 views

USN-3840-1 openssl, openssl1.0 vulnerabilities

Samuel Weiser discovered that OpenSSL incorrectly handled DSA signing. An attacker could possibly use this issue to perform a timing side-channel attack and recover private DSA keys. CVE-2018-0734 Samuel Weiser discovered that OpenSSL incorrectly handled ECDSA signing. An attacker could possibly...

5.9CVSS6.7AI score0.12154EPSS
Exploits4References4
OSV
OSV
added 2017/12/13 4:29 p.m.3 views

CVE-2017-17427

Radware Alteon devices with a firmware version between 31.0.0.0-31.0.3.0 are vulnerable to an adaptive-chosen ciphertext attack "Bleichenbacher attack". This allows an attacker to decrypt observed traffic that has been encrypted with the RSA cipher and to perform other private key operations...

5.9CVSS5.7AI score0.15577EPSS
Exploits0References4
OSV
OSV
added 2016/09/07 7:28 p.m.5 views

CVE-2016-6670

Huawei S7700, S9300, S9700, and S12700 devices with software before V200R008C00SPC500 use random numbers with insufficient entropy to generate self-signed certificates, which makes it easier for remote attackers to discover private keys by leveraging knowledge of a certificate...

5.3CVSS5.8AI score0.00832EPSS
Exploits0References2
OSV
OSV
added 2007/08/08 1:17 a.m.3 views

DEBIAN-CVE-2007-3108

The BNfrommontgomery function in crypto/bn/bnmont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys...

1.2CVSS9.1AI score0.00409EPSS
Exploits1References1
Rows per page
Query Builder