Lucene search
K

29 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.12 views

SUSE SLED15 / SLES15 Security Update : gnutls (SUSE-SU-2026:2115-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2115-1 advisory. This update for gnutls fixes the following issues - CVE-2026-3833: x509/name-constraints: compare domain names...

9.8CVSS5.7AI score0.01335EPSS
Exploits1References37
OSV
OSV
added 2026/05/22 9:56 a.m.7 views

SUSE-SU-2026:21867-1 Security update for gnutls

This update for gnutls fixes the following issues - CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive bsc1263707. - CVE-2026-5260: lib/pkcs11privkey: guard against overreading on short ciphertexts bsc1263715. - CVE-2026-5419: gnutlscipherdecrypt3: make PKCS7 unpadding...

9.8CVSS5.8AI score0.01335EPSS
Exploits1References25
OSV
OSV
added 2026/05/18 10:8 a.m.8 views

OPENSUSE-SU-2026:20778-1 Security update for gnutls

This update for gnutls fixes the following issues - CVE-2026-3832: cert-session: fix multi-entry OCSP revocation bypass bsc1263706. - CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive bsc1263707. - CVE-2026-5260: lib/pkcs11privkey: guard against overreading on short...

9.8CVSS5.8AI score0.01335EPSS
Exploits2References26
Vulnrichment
Vulnrichment
added 2026/03/20 2:48 a.m.3 views

CVE-2026-32935 phpseclib's AES-CBC unpadding susceptible to padding oracle timing attack

phpseclib is a PHP secure communications library. Projects using versions 0.1.1 through 1.0.26, 2.0.0 through 2.0.51, and 3.0.0 through 3.0.49 are vulnerable to a to padding oracle timing attack when using AES in CBC mode. This issue has been fixed in versions 1.0.27, 2.0.52 and 3.0.50...

8.2CVSS5.7AI score0.00374EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/19 4:42 p.m.10 views

phpseclib's AES-CBC unpadding susceptible to padding oracle timing attack

Impact Those using AES in CBC mode may be susceptible to a padding oracle timing attack. Patches https://github.com/phpseclib/phpseclib/commit/ccc21aef71eb170e9bf819b167e67d1fd9e6e788 Workarounds Use AES in CTR, CFB or OFB modes References...

8.2CVSS5.7AI score0.00374EPSS
Exploits0References4Affected Software1
Mageia
Mageia
added 2020/07/31 11:25 p.m.18 views

Updated botan2 packages fix security vulnerability

The CBC padding operations were not constant time and as a result would leak the length of the plaintext values which were being padded to an attacker running a side channel attack via shared resources such as cache or branch predictor. No information about the contents was leaked, but the length...

1.1AI score
Exploits0References3
Veracode
Veracode
added 2019/05/02 5:2 a.m.36 views

Information Disclosure

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when...

10CVSS8.6AI score0.07571EPSS
Exploits0References12Affected Software1
Veracode
Veracode
added 2019/05/02 5:2 a.m.39 views

Information Disclosure

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when...

10CVSS8.6AI score0.07571EPSS
Exploits0References17Affected Software2
Cvelist
Cvelist
added 2018/09/11 7:0 p.m.18 views

CVE-2018-11070

RSA BSAFE Crypto-J versions prior to 6.2.4 and RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during PKCS 1 unpadding operations, also known as a Bleichenbacher attack. A remote attacker may be able to recover a RSA key...

5.9CVSS5.7AI score0.01656EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2016/05/02 12:0 a.m.27 views

Debian Security Advisory DSA 3565-1 (botan1.10 - security update)

Several security vulnerabilities were found in botan1.10, a C++ library which provides support for many common cryptographic operations, including encryption, authentication, X.509v3 certificates and CRLs. CVE-2015-5726 The BER decoder would crash due to reading from offset 0 of an empty vector i...

10CVSS8.2AI score0.06677EPSS
Exploits0References1
Debian
Debian
added 2016/04/30 11:48 a.m.29 views

[SECURITY] [DLA 449-1] botan1.10 security update

Package : botan1.10 Version : 1.10.5-1+deb7u1 CVE ID : CVE-2014-9742 CVE-2015-5726 CVE-2015-5727 CVE-2015-7827 CVE-2016-2194 CVE-2016-2195 CVE-2016-2849 Several security vulnerabilities were found in botan1.10, a C++ library which provides support for many common cryptographic operations, includi...

10CVSS8.8AI score0.06677EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/07/30 12:0 a.m.47 views

RHEL 7 : java-1.7.0-openjdk (RHSA-2014:0675)

Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

10CVSS7.9AI score0.07571EPSS
Exploits0References49
Tenable Nessus
Tenable Nessus
added 2014/07/30 12:0 a.m.61 views

RHEL 7 : java-1.6.0-openjdk (RHSA-2014:0685)

Updated java-1.6.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

10CVSS7.8AI score0.07571EPSS
Exploits0References39
RedHat Linux
RedHat Linux
added 2014/07/29 3:40 p.m.6 views

OpenJDK: RSA unpadding timing issues (Security, 8027766)

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security...

4CVSS6.8AI score0.04899EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/06/10 1:7 p.m.4 views

OpenJDK: RSA unpadding timing issues (Security, 8027766)

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security...

4CVSS6.8AI score0.04899EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/06/10 12:13 p.m.5 views

OpenJDK: RSA unpadding timing issues (Security, 8027766)

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security...

4CVSS7AI score0.04899EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/05/15 6:19 p.m.5 views

OpenJDK: RSA unpadding timing issues (Security, 8027766)

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security...

4CVSS6.8AI score0.04899EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/05/15 5:28 p.m.6 views

OpenJDK: RSA unpadding timing issues (Security, 8027766)

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security...

4CVSS6.8AI score0.04899EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/05/13 7:47 p.m.3 views

OpenJDK: RSA unpadding timing issues (Security, 8027766)

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security...

4CVSS6.8AI score0.04899EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2014/04/21 12:0 a.m.55 views

RedHat Update for java-1.6.0-openjdk RHSA-2014:0408-01

Check for the Version of java-1.6.0-openjdk OpenVAS Vulnerability Test RedHat Update for java-1.6.0-openjdk RHSA-2014:0408-01 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

10CVSS0.2AI score0.07571EPSS
Exploits0References2
Rows per page
Query Builder