Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1476 matches found

OSV
OSVadded 2019/12/25 12:15 a.m.1 views

UBUNTU-CVE-2019-19960

In wolfSSL before 4.3.0, wceccmulmodex does not properly resist side-channel attacks...

5.3CVSS6AI score0.00955EPSS
Exploits0References5
Prion
Prionadded 2019/12/25 12:15 a.m.26 views

Design/Logic Flaw

wolfSSL before 4.3.0 mishandles calls to wcSignatureGenerateHash, leading to fault injection in RSA cryptography...

5CVSS7.6AI score0.00904EPSS
Exploits0References2Affected Software1
CNVD
CNVDadded 2019/12/25 12:0 a.m.3 views

wolfSSL encryption issue vulnerability

wolfSSL formerly known as CyaSSL is the United States wolfSSL company for embedded systems developers to use a small, portable embedded SSL programming library. A security vulnerability exists in wolfSSL versions prior to 4.3.0 that stems from the program failing to properly handle calls to the...

7.5CVSS6.8AI score0.00904EPSS
Exploits0References1
CVE
CVEadded 2019/12/24 11:4 p.m.59 views

CVE-2019-19960

The CVE-2019-19960 issue affects wolfSSL prior to 4.3.0 where wc_ecc_mulmod_ex does not properly resist side-channel attacks. This is described across multiple sources (e.g., NVD entry; wolfSSL 4.3.0-stable release). The vulnerability impacts confidentiality (as indicated by CVSS 3.1: MEDIUM, bas...

5.3CVSS5.3AI score0.00955EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2019/12/24 11:4 p.m.17 views

CVE-2019-19960

In wolfSSL before 4.3.0, wceccmulmodex does not properly resist side-channel attacks...

5.3AI score0.00955EPSS
Exploits0References2
Debian CVE
Debian CVEadded 2019/12/24 11:4 p.m.19 views

CVE-2019-19960

In wolfSSL before 4.3.0, wceccmulmodex does not properly resist side-channel attacks...

5.3CVSS2.5AI score0.00955EPSS
Exploits0
Cvelist
Cvelistadded 2019/12/24 11:3 p.m.25 views

CVE-2019-19962

wolfSSL before 4.3.0 mishandles calls to wcSignatureGenerateHash, leading to fault injection in RSA cryptography...

7.6AI score0.00904EPSS
Exploits0References2
CVE
CVEadded 2019/12/24 11:3 p.m.60 views

CVE-2019-19962

CVE-2019-19962 affects wolfSSL older than 4.3.0. The vulnerability arises from mishandling calls to wc_SignatureGenerateHash, enabling fault injection in RSA cryptography. Impact per sources is confined to information in the provided documents; no exploitation details are given beyond fault injec...

7.5CVSS7.6AI score0.00904EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVEadded 2019/12/24 11:3 p.m.16 views

CVE-2019-19962

wolfSSL before 4.3.0 mishandles calls to wcSignatureGenerateHash, leading to fault injection in RSA cryptography...

7.5CVSS3.3AI score0.00904EPSS
Exploits0
Cvelist
Cvelistadded 2019/12/24 11:3 p.m.19 views

CVE-2019-19963

An issue was discovered in wolfSSL before 4.3.0 in a non-default configuration where DSA is enabled. DSA signing uses the BEEA algorithm during modular inversion of the nonce, leading to a side-channel attack against the nonce...

5.2AI score0.00955EPSS
Exploits0References2
CVE
CVEadded 2019/12/24 11:3 p.m.55 views

CVE-2019-19963

wolfSSL before 4.3.0 in a non-default configuration with DSA enabled is vulnerable. DSA signing uses the BEEA algorithm during nonce modular inversion, enabling a side-channel attack on the nonce. Affected: wolfSSL prior to 4.3.0 (non-default DSA). Remediation: upgrade to 4.3.0-stable (or apply v...

5.3CVSS5.2AI score0.00955EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVEadded 2019/12/24 11:3 p.m.16 views

CVE-2019-19963

An issue was discovered in wolfSSL before 4.3.0 in a non-default configuration where DSA is enabled. DSA signing uses the BEEA algorithm during modular inversion of the nonce, leading to a side-channel attack against the nonce...

5.3CVSS3.5AI score0.00955EPSS
Exploits0
CNVD
CNVDadded 2019/12/24 12:0 a.m.2 views

Unspecified vulnerability in wolfSSL (CNVD-2020-01645)

wolfSSL formerly known as CyaSSL is the United States wolfSSL company for embedded systems developers to use a small, portable embedded SSL programming library. A security vulnerability exists in wolfSSL versions prior to 4.3.0, which can be exploited by an attacker to perform a side-channel atta...

5.3CVSS6.8AI score0.00955EPSS
Exploits0References1
CNVD
CNVDadded 2019/12/24 12:0 a.m.2 views

Unspecified vulnerability in wolfSSL (CNVD-2020-01644)

wolfSSL formerly known as CyaSSL is the United States wolfSSL company for embedded systems developers to use a small, portable embedded SSL programming library. A security vulnerability exists in the 'wceccmulmodex' function in wolfSSL versions prior to 4.3.0, which can be exploited by an attacke...

5.3CVSS6.8AI score0.00955EPSS
Exploits0References1
OSV
OSVadded 2019/12/11 6:16 p.m.15 views

CVE-2019-14317

wolfSSL and wolfCrypt 4.1.0 and earlier formerly known as CyaSSL generate biased DSA nonces. This allows a remote attacker to compute the long term private key from several hundred DSA signatures via a lattice attack. The issue occurs because dsa.c fixes two bits of the generated nonces...

5.3CVSS6.8AI score
Exploits0References1
NVD
NVDadded 2019/12/11 6:16 p.m.16 views

CVE-2019-14317

wolfSSL and wolfCrypt 4.1.0 and earlier formerly known as CyaSSL generate biased DSA nonces. This allows a remote attacker to compute the long term private key from several hundred DSA signatures via a lattice attack. The issue occurs because dsa.c fixes two bits of the generated nonces...

5.3CVSS5.2AI score0.01755EPSS
Exploits0References1
OSV
OSVadded 2019/12/11 6:16 p.m.2 views

DEBIAN-CVE-2019-14317

wolfSSL and wolfCrypt 4.1.0 and earlier formerly known as CyaSSL generate biased DSA nonces. This allows a remote attacker to compute the long term private key from several hundred DSA signatures via a lattice attack. The issue occurs because dsa.c fixes two bits of the generated nonces...

5.3CVSS5.8AI score0.01755EPSS
Exploits0References1
UbuntuCve
UbuntuCveadded 2019/12/11 6:16 p.m.24 views

CVE-2019-14317

wolfSSL and wolfCrypt 4.1.0 and earlier formerly known as CyaSSL generate biased DSA nonces. This allows a remote attacker to compute the long term private key from several hundred DSA signatures via a lattice attack. The issue occurs because dsa.c fixes two bits of the generated nonces...

5.3CVSS6.2AI score0.01755EPSS
Exploits0References2
Prion
Prionadded 2019/12/11 6:16 p.m.13 views

Code injection

wolfSSL and wolfCrypt 4.1.0 and earlier formerly known as CyaSSL generate biased DSA nonces. This allows a remote attacker to compute the long term private key from several hundred DSA signatures via a lattice attack. The issue occurs because dsa.c fixes two bits of the generated nonces...

4.3CVSS5.2AI score0.01755EPSS
Exploits0References1Affected Software1
OSV
OSVadded 2019/12/11 6:16 p.m.1 views

UBUNTU-CVE-2019-14317

wolfSSL and wolfCrypt 4.1.0 and earlier formerly known as CyaSSL generate biased DSA nonces. This allows a remote attacker to compute the long term private key from several hundred DSA signatures via a lattice attack. The issue occurs because dsa.c fixes two bits of the generated nonces...

5.3CVSS6.1AI score0.01755EPSS
Exploits0References3
Rows per page
Query Builder