276 matches found
CVE-2022-0823
An improper control of interaction frequency vulnerability in Zyxel GS1200 series switches could allow a local attacker to guess the password by using a timing side-channel attack...
EUVD-2013-1655
Malware in sbrugna...
EUVD-2021-1757
Malware in sbrugna...
EUVD-2013-4090
Malware in sbrugna...
EUVD-2014-0107
Malware in sbrugna...
EUVD-2016-3190
Malware in sbrugna...
EUVD-2014-3956
Malware in sbrugna...
EUVD-2017-14465
Malware in sbrugna...
EUVD-2023-57703
Malicious code in bioql PyPI...
EUVD-2022-15871
Malicious code in bioql PyPI...
EUVD-2023-1436
Malicious code in bioql PyPI...
TencentOS Server 3: gnutls (TSSA-2024:0055)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0055 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
TencentOS Server 2: openssl (TSSA-2023:0334)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0334 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...
TencentOS Server 4: gnutls (TSSA-2024:0582)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0582 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Timing Side-channel Attack
signxml is vulnerable to a Timing side-channel attack. The vulnerability is due to information leakage during HMAC comparison when requirex509=False and hmackey is used, allowing attackers to infer the correct HMAC...
GHSA-4QJH-9FV9-R85R Potential Timing Side-Channel Vulnerability in vLLM’s Chunk-Based Prefix Caching
This issue arises from the prefix caching mechanism, which may expose the system to a timing side-channel attack. Description When a new prompt is processed, if the PageAttention mechanism finds a matching prefix chunk, the prefill process speeds up, which is reflected in the TTFT Time to First...
PT-2025-23135 · Vllm · Vllm
Name of the Vulnerable Software and Affected Versions: vLLM versions prior to 0.9.0 Description: The issue arises from the prefix caching mechanism in vLLM, which may expose the system to a timing side-channel attack. When a new prompt is processed, if the PageAttention mechanism finds a matching...
ABB M2M Gateway Information Disclosure in embedded OpenSSL (CVE-2013-0169)
The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct...
CVE-2023-26557
io.finnet tss-lib before 2.0.0 can leak the lambda value of a private key via a timing side-channel attack because it relies on Go big.Int, which is not constant time for Cmp, modular exponentiation, or modular inverse. An example leak is in crypto/paillier/paillier.go. bnb-chain/tss-lib and...
CVE-2019-25003
An issue was discovered in the libsecp256k1 crate before 0.3.1 for Rust. Scalar::checkoverflow allows a timing side-channel attack; consequently, attackers can obtain sensitive information...