719 matches found
CVE-2011-0910
The cookie implementation in Vanilla Forums before 2.0.17.6 makes it easier for remote attackers to spoof signed requests, and consequently obtain access to arbitrary user accounts, via HMAC timing attacks...
PT-2026-26340
Name of the Vulnerable Software and Affected Versions wolfSSL version 5.8.4 Description The software contains a flaw in the constant-time masking logic within the sp 256 get entry 256 9 function. When compiled with GCC targeting RISC-V RV32I using the -O3 optimization flag, the logic is altered...
PT-2026-27729
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the kernel’s ksmbd component related to Message Authentication Code MAC comparisons. The issue stems from the use of memcmp for MAC comparisons, which is susceptible to...
Linux Distros Unpatched Vulnerability : CVE-2013-10031
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Plack-Middleware-Session versions before 0.17 may be vulnerable to HMAC comparison timing attacks CVE-2013-10031 Note that Nessus relies on the presence of the...
PT-2025-49686
Plack-Middleware-Session versions before 0.17 may be vulnerable to HMAC comparison timing attacks...
kernel: ipv6: sr: Fix MAC comparison to be constant-time
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
kernel: ipv6: sr: Fix MAC comparison to be constant-time
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
kernel: ipv6: sr: Fix MAC comparison to be constant-time
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
sctp: Fix MAC comparison to be constant-time
...
EUVD-2025-150370
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
CVE-2025-40204
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
UBUNTU-CVE-2025-40204
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
CVE-2025-40204 sctp: Fix MAC comparison to be constant-time
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
CVE-2025-40204
Based on the provided Connected documents, CVE-2025-40204 affects the Linux kernel (SCTP) and is fixed by making MAC comparisons constant-time to prevent timing attacks. The SUSE-related Nessus advisories (SUSE-SU-2026:0274-1, SUSE-SU-2026:0284-1, SUSE-SU-2026:0262-1, SUSE-SU-2026:0270-1, etc.) l...
kernel: ipv6: sr: Fix MAC comparison to be constant-time
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
kernel: ipv6: sr: Fix MAC comparison to be constant-time
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
kernel: ipv6: sr: Fix MAC comparison to be constant-time
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
SUSE CVE-2025-54499
Mattermost versions 10.5.x = 10.5.10, 10.11.x = 10.11.2 fail to use constant-time comparison for sensitive string comparisons which allows attackers to exploit timing oracles to perform byte-by-byte brute force attacks via response time analysis on Cloud API keys and OAuth client secrets...
kernel: ipv6: sr: Fix MAC comparison to be constant-time
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this...
Siemens RUGGEDCOM ROS Devices Use of a Broken or Risky Cryptographic Algorithm (CVE-2025-41223)
The affected devices support the TLSECDHEECDSAWITHAES128CBCSHA256 cipher suite, which uses CBC Cipher Block Chaining mode that is known to be vulnerable to timing attacks. This could allow an attacker to compromise the integrity and confidentiality of encrypted communications. This plugin only...