Lucene search
+L

15 matches found

Ubuntu
Ubuntu
added 2026/03/18 5:51 p.m.8 views

USN-8108-1: Bouncy Castle vulnerabilities

It was discovered that Bouncy Castle did not sanitize user input when inserting it into an LDAP search filter. An attacker could possibly use this issue to perform an LDAP injection attack. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS...

7.5CVSS6.7AI score0.011EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/07/28 8:20 a.m.16 views

CVE-2024-58262

A flaw was found in curve25519-dalek. The crate’s implementation of constant-time operations on elliptic curve scalars lacks proper LLVM optimization, potentially revealing information about the scalar's bits. A local attacker can observe timing differences during scalar operations. This...

5.1CVSS5.7AI score0.00152EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/22 6:41 p.m.10 views

CVE-2021-37848

common/password.c in Pengutronix barebox through 2021.07.0 leaks timing information because strncmp is used during hash comparison...

7.5CVSS6.7AI score0.01538EPSS
Exploits1References1
Prion
Prion
added 2023/11/28 9:15 p.m.21 views

Design/Logic Flaw

RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. There is...

2.6CVSS6.4AI score0.00605EPSS
Exploits0References2
CVE
CVE
added 2021/08/02 7:46 p.m.48 views

CVE-2021-37848

Pengutronix barebox (through 2021.07.0) is affected by CVE-2021-37848 due to a timing leak in common/password.c during hash comparison (strncmp). This is a timing-side-channel vulnerability in the bootloader used in embedded Linux systems. Affected component: barebox binary; issue arises from str...

7.5CVSS7.4AI score0.01538EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/05/11 12:0 a.m.48 views

RHEL 6 : openssl (RHSA-2016:0996)

An update for openssl is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

10CVSS8.4AI score0.89058EPSS
Exploits7References15
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.34 views

Amazon Linux: Security Advisory (ALAS-2013-162)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.2AI score0.35584EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2014/04/17 12:23 p.m.169 views

Important: Red Hat Security Advisory: rhevm-spice-client security update

Updated rhevm-spice-client packages that fix multiple security issues are now available for Red Hat Enterprise Virtualization Manager 3. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give...

7.5CVSS7AI score0.99999EPSS
Exploits94References5
Amazon
Amazon
added 2014/04/17 12:0 a.m.56 views

Critical: java-1.7.0-openjdk

Issue Overview: An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when processed. A remote attacker, or an untrusted Java application or applet, could possibly use this flaw to execut...

10CVSS9AI score0.07571EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.40 views

Amazon Linux AMI : openssl (ALAS-2012-38)

It was discovered that the Datagram Transport Layer Security DTLS protocol implementation in OpenSSL leaked timing information when performing certain operations. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a DTLS server as a padding...

5CVSS7.4AI score0.16645EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2013/08/08 12:0 a.m.38 views

RedHat Update for nss and nspr RHSA-2013:1135-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.1AI score0.05213EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/08/08 12:0 a.m.32 views

RedHat Update for nss and nspr RHSA-2013:1135-01

Check for the Version of nss and nspr OpenVAS Vulnerability Test RedHat Update for nss and nspr RHSA-2013:1135-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

5CVSS0.05213EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2013/08/05 3:46 p.m.59 views

Moderate: Red Hat Security Advisory: nss and nspr security, bug fix, and enhancement update

Updated nss and nspr packages that fix two security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which...

5CVSS6.7AI score0.05213EPSS
Exploits0References6
Amazon
Amazon
added 2013/03/14 12:0 a.m.44 views

Medium: gnutls

Issue Overview: It was discovered that GnuTLS leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding...

4CVSS6.8AI score0.0644EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2013/02/20 11:6 a.m.57 views

Important: Red Hat Security Advisory: java-1.6.0-openjdk security update

Updated java-1.6.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

10CVSS6.7AI score0.35584EPSS
Exploits1References4
Rows per page
Query Builder