Lucene search
K

715 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in mbedtls

The use of a broken or risky cryptographic algorithm in the function mbedtlsmpiexpmod in lignum.c in Mbed TLS for all versions prior to 3.0.0, 2.27.0, or 2.16.11 allows attackers with access to precise timing and memory access information typically from an untrusted operating system attacking a...

4.7CVSS5.8AI score0.00163EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Python 2.7, Python 3.7

A issue was discovered in the comparedigest function in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimizations were possible in the accumulator variable used in hmac.comparedigest...

5.9CVSS6.8AI score0.01148EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/15 2:36 p.m.8 views

CVE-2017-20240

Crypt::PBKDF2 versions before 0.261630 for Perl are vulnerable to timing attacks. These versions use Perl's built-in eq comparison. Discrepancies in timing could be used to guess the underlying derived-key...

5.9CVSS5.2AI score0.00319EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.12 views

Fedora 44 : perl-Catalyst-Plugin-Authentication (2026-26666575ae)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-26666575ae advisory. Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks since these versions use Perl's built-in eq comparison...

5.1CVSS5.8AI score0.00196EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.11 views

Fedora 43 : perl-Catalyst-Plugin-Authentication (2026-af4f5feae8)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-af4f5feae8 advisory. Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks since these versions use Perl's built-in eq comparison...

5.1CVSS5.8AI score0.00196EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/22 12:31 a.m.15 views

EUVD-2026-31353

Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash or password...

5.8AI score0.00196EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/21 9:7 p.m.9 views

CVE-2026-5091

Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash or password...

5.8AI score0.00196EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/21 9:7 p.m.7 views

CVE-2026-5091 Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks

Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash or password...

5.8AI score0.00196EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/20 8:25 p.m.7 views

CVE-2026-47373 Crypt::SaltedHash versions through 0.09 for Perl is susceptible to timing attacks

Crypt::SaltedHash versions through 0.09 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash...

5.8AI score0.00393EPSS
Exploits0References2
CVE
CVE
added 2026/05/20 8:25 p.m.22 views

CVE-2026-47373

CVE-2026-47373 affects Crypt::SaltedHash for Perl (versions up to 0.09). The issue arises from using Perl’s eq for hash comparison, enabling timing-based leakage that could help an attacker guess the underlying hash. The risk is described as a timing attack without explicit exploitation details i...

7.5CVSS5.8AI score0.00393EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.11 views

PT-2026-42265

Name of the Vulnerable Software and Affected Versions Crypt::SaltedHash versions prior to 0.110.0 Description Crypt::SaltedHash for Perl is susceptible to timing attacks because it uses Perl's built-in eq comparison. Discrepancies in timing could be used to guess the underlying hash...

9.1CVSS5.8AI score0.00397EPSS
Exploits0References18
SUSE CVE
SUSE CVE
added 2026/05/13 3:34 a.m.9 views

SUSE CVE-2026-43384

In the Linux kernel, the following vulnerability has been resolved: net/tcp-ao: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...

9.8CVSS5.7AI score0.00457EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/11 2:13 p.m.9 views

SUSE CVE-2026-43383

In the Linux kernel, the following vulnerability has been resolved: net/tcp-md5: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...

9.4CVSS5.7AI score0.00443EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/08 3:31 p.m.11 views

EUVD-2026-28689

In the Linux kernel, the following vulnerability has been resolved: net/tcp-md5: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...

5.7AI score0.00443EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/08 3:31 p.m.16 views

EUVD-2026-28690

In the Linux kernel, the following vulnerability has been resolved: net/tcp-ao: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...

5.7AI score0.00457EPSS
Exploits0References5
NVD
NVD
added 2026/05/08 3:16 p.m.6 views

CVE-2026-43383

In the Linux kernel, the following vulnerability has been resolved: net/tcp-md5: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...

9.4CVSS0.00443EPSS
Exploits0References8
OSV
OSV
added 2026/05/08 3:16 p.m.10 views

UBUNTU-CVE-2026-43383

In the Linux kernel, the following vulnerability has been resolved: net/tcp-md5: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...

9.4CVSS5.7AI score0.00443EPSS
Exploits0References20
OSV
OSV
added 2026/05/08 3:16 p.m.7 views

UBUNTU-CVE-2026-43384

In the Linux kernel, the following vulnerability has been resolved: net/tcp-ao: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...

9.8CVSS5.7AI score0.00457EPSS
Exploits0References14
UbuntuCve
UbuntuCve
added 2026/05/08 3:16 p.m.11 views

CVE-2026-43384

In the Linux kernel, the following vulnerability has been resolved: net/tcp-ao: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...

9.8CVSS5.7AI score0.00457EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/05/08 3:16 p.m.12 views

CVE-2026-43383

In the Linux kernel, the following vulnerability has been resolved: net/tcp-md5: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...

9.4CVSS5.7AI score0.00443EPSS
Exploits0References9
Rows per page
Query Builder