Lucene search
+L

11 matches found

redhatcve
redhatcve
added 2026/06/22 2:7 p.m.12 views

CVE-2026-12205

A flaw was found in Crypt::DSA, a Perl module for Digital Signature Algorithm DSA cryptography. This vulnerability occurs because the software reuses a unique random number, known as a nonce, for multiple digital signatures generated with the same cryptographic key. An attacker could exploit this...

9.1CVSS5.8AI score0.00289EPSS
Exploits0References5
nessus
nessus
added 2024/06/03 12:0 a.m.21 views

RHEL 8 : openssl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openssl: Read buffer overruns processing ASN.1 strings CVE-2021-3712 - Simultaneous Multi-threading SMT i...

9.1CVSS7.8AI score0.50445EPSS
Exploits8References10
f5
f5
added 2023/02/21 8:0 p.m.72 views

K73422160: OpenSSL vulnerability CVE-2019-1547

Security Advisory Description Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters instead of using a named curve. In those cases it is possible th...

4.7CVSS6.5AI score0.01188EPSS
Exploits0Affected Software3
nessus
nessus
added 2020/03/20 12:0 a.m.44 views

EulerOS Virtualization 3.0.2.2 : openssl (EulerOS-SA-2020-1274)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker,...

4.7CVSS6.7AI score0.03838EPSS
Exploits0References3
nessus
nessus
added 2020/03/13 12:0 a.m.35 views

EulerOS Virtualization for ARM 64 3.0.2.0 : openssl (EulerOS-SA-2020-1221)

According to the versions of the openssl packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In situations where an attacker receives automated notification of the success or failure of a decryption attempt an...

4.7CVSS6.5AI score0.03838EPSS
Exploits0References4
mageia
mageia
added 2020/03/08 10:37 p.m.18 views

Updated mbedtls packages fix security vulnerabilities

Updated mbedtls packages fix security vulnerabilities: If Mbed TLS is running in an SGX enclave and the adversary has control of the main operating system, they can launch a side channel attack to recover the RSA private key when it is being imported. Found by Alejandro Cabrera Aldaya and Billy...

1.4AI score
Exploits0References3
nessus
nessus
added 2019/11/08 12:0 a.m.38 views

EulerOS 2.0 SP5 : openssl110h (EulerOS-SA-2019-2218)

According to the versions of the openssl110h packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in th...

5.9CVSS6.6AI score0.12154EPSS
Exploits0References4
nessus
nessus
added 2019/11/08 12:0 a.m.68 views

EulerOS 2.0 SP3 : openssl1.1.0f (EulerOS-SA-2019-2254)

According to the versions of the openssl1.1.0f packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some...

4.7CVSS6.7AI score0.03838EPSS
Exploits0References3
nvd
nvd
added 2019/09/10 5:15 p.m.24 views

CVE-2019-1547

Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters instead of using a named curve. In those cases it is possible that such a group does not have...

4.7CVSS5.2AI score0.01188EPSS
Exploits0References35
alpinelinux
alpinelinux
added 2019/09/10 4:58 p.m.42 views

CVE-2019-1547

Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters instead of using a named curve. In those cases it is possible that such a group does not have...

4.7CVSS5.8AI score0.01188EPSS
Exploits0
freebsd
freebsd
added 2018/06/13 12:0 a.m.42 views

botan2 -- ECDSA side channel

botan2 developers report: A side channel in the ECDSA signature operation could allow a local attacker to recover the secret key. Found by Keegan Ryan of NCC Group. Bug introduced in 2.5.0, fixed in 2.7.0. The 1.10 branch is not affected...

5.9CVSS4.1AI score0.00499EPSS
Exploits1References2
Rows per page
Query Builder