Lucene search
K

719 matches found

OSV
OSV
added 2026/05/08 3:16 p.m.13 views

UBUNTU-CVE-2026-43383

In the Linux kernel, the following vulnerability has been resolved: net/tcp-md5: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...

9.4CVSS5.7AI score0.00443EPSS
Exploits0References22
UbuntuCve
UbuntuCve
added 2026/05/08 3:16 p.m.11 views

CVE-2026-43384

In the Linux kernel, the following vulnerability has been resolved: net/tcp-ao: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...

9.8CVSS5.7AI score0.00457EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/05/08 3:16 p.m.13 views

CVE-2026-43383

In the Linux kernel, the following vulnerability has been resolved: net/tcp-md5: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...

9.4CVSS5.7AI score0.00443EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:21 p.m.6 views

CVE-2026-43384

In the Linux kernel, the following vulnerability has been resolved: net/tcp-ao: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...

5.7AI score0.00457EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/05/08 2:21 p.m.37 views

CVE-2026-43384 net/tcp-ao: Fix MAC comparison to be constant-time

In the Linux kernel, the following vulnerability has been resolved: net/tcp-ao: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...

9.8CVSS0.00457EPSS
Exploits0References4
CVE
CVE
added 2026/05/08 2:21 p.m.22 views

CVE-2026-43384

The CVE-2026-43384 issue concerns the Linux kernel TCP Authentication Option (TCP-AO) where MACs were compared without constant-time handling. The connected documents confirm a fix was applied to make MAC comparisons constant-time, mitigating timing-attack leakage of sensitive information. The vu...

9.8CVSS5.7AI score0.00457EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.15 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of a non-constant time for the MAC comparison of tcp-md5, potentially leading to timing attacks...

9.4CVSS5.8AI score0.00443EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.11 views

PT-2026-39044

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A timing attack is possible because Message Authentication Codes MACs are not compared in constant time. This allows an attacker to potentially deduce information by measuring the time t...

9.4CVSS5.8AI score0.00443EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.9 views

PT-2026-39045

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A timing attack issue exists in the TCP Authentication Option TCP-AO implementation. The Message Authentication Code MAC comparison was not performed in constant-time, which could allow ...

9.8CVSS5.8AI score0.00457EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the MAC comparison in tcp-ao does not use a constant time, potentially leading to timing...

9.8CVSS5.8AI score0.00457EPSS
Exploits0References1
Debian
Debian
added 2026/05/01 5:11 a.m.9 views

[SECURITY] [DLA 4556-1] dovecot security update

Debian LTS Advisory DLA-4556-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin May 01, 2026 https://wiki.debian.org/LTS Package : dovecot Version : 1:2.3.13+dfsg1-2+deb11u3 CVE ID : CVE-2025-59031 CVE-2025-59032 CVE-2026-0394 CVE-2026-27855 CVE-2026-27856...

7.5CVSS5.7AI score0.0079EPSS
Exploits6
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.11 views

Mojic 安全漏洞

Mojic is a C-language code obfuscation tool developed by Amit Dutta. Versions of Mojic prior to 2.1.4 contained security vulnerabilities. These vulnerabilities stemmed from the use of the standard equality operator by CipherEngine to verify HMAC-SHA256 integrity checks, which could allow attacker...

4.7CVSS5.9AI score0.00108EPSS
Exploits0References1
Spring Security Advisories
Spring Security Advisories
added 2026/04/23 12:0 a.m.7 views

DevTools remote secret comparison is vulnerable to timing attacks

An attacker on the same network as the remote application may be able to utilize a timing attack to discover information about the remote secret. In extreme circumstances this could result in the attacker determining the secret and uploading changed classes, thereby achieving remote code executio...

7.5CVSS6.5AI score0.00262EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013091)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013091 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared ...

5.6AI score0.00175EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011046)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011046 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared ...

5.6AI score0.00175EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/14 12:31 a.m.7 views

EUVD-2026-22136

Crypt::SecretBuffer versions before 0.019 for Perl is suseceptible to timing attacks. For example, if Crypt::SecretBuffer was used to store and compare plaintext passwords, then discrepencies in timing could be used to guess the secret password...

5.8AI score0.00396EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/13 10:54 p.m.21 views

CVE-2026-5086 Crypt::SecretBuffer versions before 0.019 for Perl is suseceptible to timing attacks

Crypt::SecretBuffer versions before 0.019 for Perl is suseceptible to timing attacks. For example, if Crypt::SecretBuffer was used to store and compare plaintext passwords, then discrepencies in timing could be used to guess the secret password...

0.00396EPSS
Exploits0References1
CVE
CVE
added 2026/04/13 10:54 p.m.14 views

CVE-2026-5086

CVE-2026-5086 affects Crypt::SecretBuffer

7.5CVSS5.8AI score0.00396EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.7 views

Crypt::SecretBuffer 安全漏洞

Crypt::SecretBuffer is a cryptographic buffer module developed by NERDVANA’s individual developers, designed for secure storage and memory protection of sensitive data. Versions of Crypt::SecretBuffer prior to 0.019 contained security vulnerabilities, which were due to susceptibility to timing...

7.5CVSS5.9AI score0.00396EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.10 views

PT-2026-32548

Perl CPAN CVE-2026-5086: Crypt::SecretBuffer versions before 0.019 is susceptible to timing attacks https://t.co/9mQfUsrqkz For example, if it was used to store and compare plaintext passwords, then discrepancies in timing could be used to guess the secret password...

5.8AI score0.00396EPSS
Exploits0References4
Rows per page
Query Builder