Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2023-45287

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Before Go 1.20, the RSA based TLS key exchanges used the math/big library, which is not constant time. RSA blinding was applied to prevent timing attacks, but...

7.5CVSS6.7AI score0.0125EPSS
Exploits0References4
OSV
OSV
added 2023/12/05 5:15 p.m.7 views

AZL-37310 CVE-2023-45287 affecting package golang for versions less than 1.21.6-1

Before Go 1.20, the RSA based TLS key exchanges used the math/big library, which is not constant time. RSA blinding was applied to prevent timing attacks, but analysis shows this may not have been fully effective. In particular it appears as if the removal of PKCS1 padding may leak timing...

7.5CVSS6.8AI score0.0125EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/09/25 12:0 a.m.6 views

TP-LINK Smart bulb Tapo series security vulnerability

TP-LINK Smart bulb Tapo series is a series of multi-color smart Wi-Fi bulbs from China P&L TP-LINK. A security vulnerability exists in TPLink Smart bulb Tapo series L530 v.1.0.0, Tapo Application v.2.8.14. A remote attacker could exploit the vulnerability to obtain sensitive information via the...

7.5CVSS6.5AI score0.00694EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:46 a.m.4 views

SUSE CVE-2012-3137

The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to obtain the session key and salt for arbitrary users, which leaks information about the cryptographic hash and makes it easier to conduct brute force...

6.4CVSS9.2AI score0.31437EPSS
Exploits4References5
CNVD
CNVD
added 2018/08/17 12:0 a.m.2 views

ZyXEL ZyWALL/USG Series Device Information Disclosure Vulnerability

ZyXEL ZyWALL/USG is a network security firewall appliance from Hopkins ZyXEL Technology. A security vulnerability exists in the Internet Key Exchange IKE handshake implementation used for IPsec-based VPN connections in the ZyXEL ZyWALL/USG series devices. An attacker can exploit the vulnerability...

5.9CVSS5.9AI score0.00965EPSS
Exploits0References1
Rows per page
Query Builder