Lucene search
K

654 matches found

CNNVD
CNNVD
added 2026/04/01 12:0 a.m.8 views

Mbed TLS 安全漏洞

Mbed TLS is an open-source, portable, easy-to-use, readable, and flexible SSL library developed by Mbed TLS. Mbed TLS versions 4.0.0 and earlier, as well as TF-PSA-Crypto versions 1.0.0 and earlier, have security vulnerabilities. These vulnerabilities stem from compiler-induced timing side...

5.1CVSS5.8AI score0.0027EPSS
Exploits0References4
CVE
CVE
added 2026/04/01 12:0 a.m.24 views

CVE-2025-66442

CVE-2025-66442 affects Mbed TLS up to 4.0.0 and TF-PSA-Crypto up to 1.0.0. The issue is a compiler-induced timing side channel in RSA and CBC/ECB decryption that occurs specifically with LLVM’s select-optimize feature. The CVSSv3.1 metrics describe a local attack with high complexity, no privileg...

5.1CVSS5.9AI score0.0027EPSS
Exploits0References4Affected Software2
Vulnrichment
Vulnrichment
added 2026/04/01 12:0 a.m.3 views

CVE-2025-66442

In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel in RSA and CBC/ECB decryption that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected...

5.9AI score0.0027EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/04/01 12:0 a.m.3 views

CVE-2025-66442

In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel in RSA and CBC/ECB decryption that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected...

5.1CVSS5.2AI score0.0027EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/17 12:0 a.m.5 views

EulerOS Virtualization 2.12.1 : shim (EulerOS-SA-2026-1462)

According to the versions of the shim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext acro...

5.9CVSS7.2AI score0.16195EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2026/03/16 12:0 a.m.3 views

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2026-1519)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.8AI score0.16195EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/12 7:33 a.m.11 views

CVE-2026-1357

The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Upload in versions up to and including 0.9.123. This is due to improper error handling in the RSA decryption process combined with a lack of path sanitization when...

9.8CVSS6.2AI score0.32714EPSS
Exploits13References1
Cvelist
Cvelist
added 2026/02/11 5:30 a.m.35 views

CVE-2026-1357 Migration, Backup, Staging <= 0.9.123 - Unauthenticated Arbitrary File Upload

The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Upload in versions up to and including 0.9.123. This is due to improper error handling in the RSA decryption process combined with a lack of path sanitization when...

9.8CVSS0.32714EPSS
Exploits13References8
ATTACKERKB
ATTACKERKB
added 2026/02/11 5:30 a.m.29 views

CVE-2026-1357

The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Upload in versions up to and including 0.9.123. This is due to improper error handling in the RSA decryption process combined with a lack of path sanitization when...

9.8CVSS6.2AI score0.32714EPSS
Exploits13References9
Tenable Nessus
Tenable Nessus
added 2026/01/31 12:0 a.m.4 views

EulerOS Virtualization 2.10.1 : shim (EulerOS-SA-2026-1146)

According to the versions of the shim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext acro...

5.9CVSS7.3AI score0.16195EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2026/01/21 5:29 a.m.12 views

USN-7970-1: iperf3 vulnerabilities

Jorge Sancho Larraz discovered that iperf3 did not properly manage certain inputs, which could cause the server process to stop responding, waiting for input on the control connection. A remote attacker could possibly use this issue to cause a denial of service. This issue was only addressed in...

10CVSS6.7AI score0.01107EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : nss-3.90.0-4.el8_9 (AXSA:2024-7398:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7398:02 advisory. nss: timing attack against RSA decryption CVE-2023-5388 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...

6.5CVSS8.3AI score0.00816EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 9 : nss-3.90.0-4.el9_3 (AXSA:2024-7386:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7386:01 advisory. nss: timing attack against RSA decryption CVE-2023-5388 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...

6.5CVSS8.2AI score0.00816EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 10:57 a.m.6 views

CVE-2022-38493

Rhonabwy 0.9.99 through 1.1.x before 1.1.7 doesn't check the RSA private key length before RSA-OAEP decryption. This allows attackers to cause a Denial of Service via a crafted JWE JSON Web Encryption token...

7.5CVSS6.7AI score0.00291EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/23 3:5 p.m.10 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM® Db2® Big SQL

Summary Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime 8 affect IBM® Db2® Big SQL 7.x on Cloud Pak for Data 4.x Vulnerability Details CVEID:CVE-2023-38264 DESCRIPTION: The IBM SDK, Java Technology Edition's Object Request Broker ORB 7.1.0.0 through 7.1.5.21 and 8.0.0.0 through...

7.5CVSS8.9AI score0.014EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/01 9:15 p.m.5 views

Security Bulletin: Vulnerability in NX-OS Firmware and DCNM Software used by IBM c-type SAN directors and switches.

Summary Public disclosed OpenSSL vulnerability in NX-OS Firmware used by IBM c-type SAN directors and switches. The vulnerability has been addressed and can be resolved by applying the NX-OS code and NDFC code levels listed below. Vulnerability Details CVEID:CVE-2022-4304 DESCRIPTION: A timing...

7.5CVSS6.9AI score0.59501EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2025/10/13 12:0 a.m.3 views

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2025-2246)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS7.8AI score0.16195EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/10/13 12:0 a.m.3 views

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2025-2214)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS7.8AI score0.16195EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/10/11 12:0 a.m.3 views

EulerOS 2.0 SP11 : shim (EulerOS-SA-2025-2214)

According to the versions of the shim package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in ...

5.9CVSS7.9AI score0.16195EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/10/11 12:0 a.m.6 views

EulerOS 2.0 SP11 : shim (EulerOS-SA-2025-2246)

According to the versions of the shim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in...

5.9CVSS7.9AI score0.16195EPSS
Exploits0References2
Rows per page
Query Builder