Lucene search
+L

9 matches found

OSV
OSV
added 4 days ago4 views

JLSEC-2026-683 An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT...

An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT+PROBE, leads to ECDSA key disclosure. When WOLFSSLCHECKSIGFAULTS is used in signing operations with private ECC keys, such as in server-side TLS connections, the connection is halted if any fault...

5.9CVSS6AI score0.0042EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2024/12/07 12:0 a.m.6 views

CVE-2024-5288

...

5.9CVSS6.7AI score0.0042EPSS
Exploits0
OSV
OSV
added 2024/08/27 7:15 p.m.3 views

DEBIAN-CVE-2024-5288

An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT+PROBE, leads to ECDSA key disclosure. When WOLFSSLCHECKSIGFAULTS is used in signing operations with private ECC keys, such as in server-side TLS connections, the connection is halted if any fault...

5.9CVSS5.3AI score0.0042EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/27 6:36 p.m.27 views

CVE-2024-5288 Safe-error attack on TLS 1.3 Protocol

An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT+PROBE, leads to ECDSA key disclosure. When WOLFSSLCHECKSIGFAULTS is used in signing operations with private ECC keys, such as in server-side TLS connections, the connection is halted if any fault...

5.1CVSS0.0042EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/27 6:36 p.m.21 views

CVE-2024-5288 Safe-error attack on TLS 1.3 Protocol

An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT+PROBE, leads to ECDSA key disclosure. When WOLFSSLCHECKSIGFAULTS is used in signing operations with private ECC keys, such as in server-side TLS connections, the connection is halted if any fault...

5.1CVSS5.1AI score0.0042EPSS
Exploits0References1
OSV
OSV
added 2024/08/27 6:36 p.m.14 views

CVE-2024-5288 Safe-error attack on TLS 1.3 Protocol

An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT+PROBE, leads to ECDSA key disclosure. When WOLFSSLCHECKSIGFAULTS is used in signing operations with private ECC keys, such as in server-side TLS connections, the connection is halted if any fault...

5.1CVSS6.1AI score0.0042EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/05/14 12:0 a.m.4 views

PT-2024-6157 · Wolfssl +1 · Wolfssl +1

Name of the Vulnerable Software and Affected Versions: wolfSSL versions prior to 5.7.0 Description: An issue was discovered in wolfSSL that leads to ECDSA key disclosure via a safe-error attack using Rowhammer, known as FAULT+PROBE. When WOLFSSL CHECK SIG FAULTS is used in signing operations with...

5.9CVSS7AI score0.0042EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2011/06/17 12:0 a.m.35 views

Ubuntu 10.04 LTS / 10.10 / 11.04 : libvirt vulnerabilities (USN-1152-1)

It was discovered that libvirt did not use thread-safe error reporting. A remote attacker could exploit this to cause a denial of service via application crash. CVE-2011-1486 Eric Blake discovered that libvirt had an off-by-one error which could be used to reopen disk probing and bypass the fix f...

4.4CVSS7AI score0.01199EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2011/05/31 8:0 p.m.36 views

CVE-2011-1486

libvirtd in libvirt before 0.9.0 does not use thread-safe error reporting, which allows remote attackers to cause a denial of service crash by causing multiple threads to report errors at the same time...

3.3CVSS8.3AI score0.01199EPSS
Exploits0
Rows per page
Query Builder