Lucene search
K

103 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-25908

Malware in sbrugna...

5.3CVSS5.5AI score0.0045EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2013-0208

Malware in sbrugna...

2.6CVSS6.4AI score0.35584EPSS
Exploits1References80
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-25907

Malware in sbrugna...

5.3CVSS5.5AI score0.0045EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-9895

Malware in sbrugna...

5.9CVSS7.9AI score0.02452EPSS
Exploits0References14
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-5314

Malicious code in bioql PyPI...

5.9CVSS6.2AI score0.01446EPSS
Exploits0References6
Veracode
Veracode
added 2025/06/02 4:45 a.m.11 views

Timing Side-channel Attacks

vllm is vulnerable to Timing side-channel attacks. The vulnerability is due to timing discrepancies during the prefill phase by the PageAttention mechanism reusing matching prefix chunks, which speeds up token generation and allows an attacker to infer prompt similarity or presence...

2.6CVSS3.7AI score0.00249EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2013-1619

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel attacks on a...

4CVSS6.8AI score0.0644EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2013-0169

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing...

2.6CVSS6.4AI score0.35584EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/06/19 12:0 a.m.28 views

SUSE SLED15: bouncycastle / bouncycastle-javadoc / bouncycastle-jmail / etc (SUSE-SU-2024:1539-2)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1539-2 advisory. Update to version 1.78.1, including fixes for: - CVE-2024-30171: Fixed timing side-channel attacks agains...

5.9CVSS6.6AI score0.00901EPSS
Exploits0References4
OSV
OSV
added 2024/06/18 11:5 a.m.17 views

SUSE-SU-2024:1539-2 Security update for bouncycastle

This update for bouncycastle fixes the following issues: Update to version 1.78.1, including fixes for: - CVE-2024-30171: Fixed timing side-channel attacks against RSA decryption both PKCS1v1.5 and OAEP. bsc1223252...

5.9CVSS6.7AI score0.00901EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.20 views

Debian: Security Advisory (DLA-759-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS7.7AI score0.02452EPSS
Exploits0References4
F5 Networks
F5 Networks
added 2023/02/21 7:42 p.m.54 views

K15630: TLS in Mozilla NSS vulnerability CVE-2013-1620

Security Advisory Description The TLS implementation in Mozilla Network Security Services NSS does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attack...

4.3CVSS7.3AI score0.03723EPSS
Exploits0Affected Software18
F5 Networks
F5 Networks
added 2023/02/21 7:29 p.m.64 views

K15622: wolfSSL CyaSSL vulnerability CVE-2013-1623

Security Advisory Description The TLS and DTLS implementations in wolfSSL CyaSSL before 2.5.0 do not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks...

4.3CVSS6.7AI score0.02424EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/26 5:45 a.m.67 views

Security Bulletin: Vulnerability in IBM InfoSphere Information Server due to issues in IBM Java SDK (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169, CVE-2012-1717, CVE-2012-1718, CVE-2012-5081)

Abstract Multiple IBM Java SDK security vulnerabilities exist in the IBM InfoSphere Information Server. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0440 DESCRIPTION: Unspecified vulnerability in the Java Runtime Environment JRE allows remote attackers to affect availability via vectors relate...

5CVSS7.5AI score0.45113EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/25 11:13 p.m.38 views

Security Bulletin: IBM Tivoli Federated Identity Manager and Tivoli Federated Identity Manager Business Gateway can be affected by a vulnerability in the IBM GSKit library (CVE-2013-0169)

Abstract CVE-2013-0169 - The Transport Layer Security protocol does not properly consider timing side-channel attacks, which allows remote attackers to conduct distinguishing attacks and plain-text recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky...

2.6CVSS6AI score0.35584EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/25 11:13 p.m.50 views

Security Bulletin: IBM QRadar SIEM and QRadar Risk Manager can be affected by three vulnerabilities in the IBM Java Runtime Environment (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169)

Abstract CVE-2013-0440 - Unspecified vulnerability in IBM Java Runtime Environment allows remote attackers to affect availability via vectors related to JSSE. CVE- 2013-0443 - Unspecified vulnerability in IBM Java Runtime Environment allows remote attackers to affect confidentiality and integrity...

5CVSS6.1AI score0.35584EPSS
Exploits2Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/25 11:13 p.m.38 views

Security Bulletin: IBM DB2 is impacted by a vulnerability in the IBM GSKit library (CVE-2013-0169).

Abstract GSKit is used by IBM DB2 for SSL support. The version of GSKit iused by DB2 is vulnerable to the “Lucky Thirteen” security vulnerability. By default, DB2 does not use SSL for client-server communication and therefore DB2 is vulnerable only if SSL is enabled. Content VULNERABILITY DETAILS...

2.6CVSS6.7AI score0.35584EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/25 11:13 p.m.34 views

Security Bulletin: Potential Security Exposure in IBM HTTP Server CVE-2013-0169 PM85211

Abstract Potential Security Exposure with IBM HTTP Server for WebSphere Application Server Content VULNERABILITY DETAILS: CVE ID:CVE-2013-0169 PM85211 DESCRIPTION: The TLS protocol in the GSKIT component of the IBM HTTP Server does not properly consider timing side-channel attacks, which could...

2.6CVSS6.5AI score0.35584EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/25 11:13 p.m.37 views

Security Bulletin: IBM InfoSphere Master Data Management – Java CPU Feb 2013 (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169)

Abstract Multiple security vulnerabilities exist in the IBM Java SDK shipped with IBM WebSphere Application Server that affects IBM InfoSphere Master Data Management versions 8.5, 9.0.1, 9.0.2, 10.0.0, 10.1.0,and 11.0.0 Content VULNERABILITY DETAILS: CVE-2013-0440 - Unspecified vulnerability in...

5CVSS0.7AI score0.35584EPSS
Exploits2Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/25 9:6 p.m.24 views

Security Bulletin: Multiple JRE vulnerabilities addressed in IBM Sterling External Authentication Server (CVE-2013-1571, CVE-2013-1500, CVE-2013-0443, CVE-2013-0440, CVE-2013-0169)

Abstract The IBM JRE embedded in the IBM Sterling External Authentication Server has security vulnerabilities in its Javadoc, and in SSL connections to the configuration GUI. Content VULNERABILITY DETAILS CVE ID: CVE-2013-1571 DESCRIPTION: The Javadoc documentation generated for the Sterling...

7.8CVSS7.9AI score0.66817EPSS
Exploits4
Rows per page
Query Builder