1492 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-6937
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wolfSSL prior to 5.6.6 did not check that messages in one DTLS record do not span key boundaries. As a result, it was possible to combine DTLS messages using...
Linux Distros Unpatched Vulnerability : CVE-2022-38152
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in wolfSSL before 5.5.0. When a TLS 1.3 client connects to a wolfSSL server and SSLclear is called on its session, the server crashes wi...
Linux Distros Unpatched Vulnerability : CVE-2023-6935
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wolfSSL SP Math All RSA implementation is vulnerable to the Marvin Attack, new variation of a timing Bleichenbacher style attack, when built with the following...
Linux Distros Unpatched Vulnerability : CVE-2024-2881
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Fault Injection vulnerability in wced25519signmsg function in wolfssl/wolfcrypt/src/ed25519.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker...
Linux Distros Unpatched Vulnerability : CVE-2022-34293
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wolfSSL before 5.4.0 allows remote attackers to cause a denial of service via DTLS because a check for return-routability can be skipped. CVE-2022-34293 Note th...
Linux Distros Unpatched Vulnerability : CVE-2024-1545
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker...
Linux Distros Unpatched Vulnerability : CVE-2023-6936
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In wolfSSL prior to 5.6.6, if callback functions are enabled via the WOLFSSLCALLBACKS flag, then a malicious TLS client or network attacker can trigger a buffer...
SUSE CVE-2024-5288
An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT+PROBE, leads to ECDSA key disclosure. When WOLFSSLCHECKSIGFAULTS is used in signing operations with private ECC keys, such as in server-side TLS connections, the connection is halted if any fault...
Azure Linux 3.0 Security Update: mariadb (CVE-2023-6937)
The version of mariadb installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-6937 advisory. - wolfSSL prior to 5.6.6 did not check that messages in one DTLS record do not span key boundaries. As a resul...
Azure Linux 3.0 Security Update: mariadb (CVE-2024-5288)
The version of mariadb installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-5288 advisory. - An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT+PROBE, lead...
Azure Linux 3.0 Security Update: mariadb (CVE-2024-1543)
The version of mariadb installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-1543 advisory. - The side-channel protected T-Table implementation in wolfSSL up to version 5.6.5 protects against a side-...
Azure Linux 3.0 Security Update: mariadb (CVE-2023-6935)
The version of mariadb installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-6935 advisory. - wolfSSL SP Math All RSA implementation is vulnerable to the Marvin Attack, new variation of a timing...
Azure Linux 3.0 Security Update: mariadb (CVE-2024-2881)
The version of mariadb installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-2881 advisory. - Fault Injection vulnerability in wced25519signmsg function in wolfssl/wolfcrypt/src/ed25519.c in WolfSSL...
Azure Linux 3.0 Security Update: mariadb (CVE-2023-6936)
The version of mariadb installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-6936 advisory. - In wolfSSL prior to 5.6.6, if callback functions are enabled via the WOLFSSLCALLBACKS flag, then a malicious...
CBL Mariner 2.0 Security Update: mariadb (CVE-2024-1545)
The version of mariadb installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-1545 advisory. - Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL...
CBL Mariner 2.0 Security Update: mariadb (CVE-2024-5288)
The version of mariadb installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-5288 advisory. - An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT+PROBE, lead...
CBL Mariner 2.0 Security Update: mariadb (CVE-2023-6935)
The version of mariadb installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-6935 advisory. - wolfSSL SP Math All RSA implementation is vulnerable to the Marvin Attack, new variation of a timing...
CBL Mariner 2.0 Security Update: mariadb (CVE-2023-3724)
The version of mariadb installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-3724 advisory. - If a TLS 1.3 client gets neither a PSK pre shared key extension nor a KSE key share extension when connectin...
CBL Mariner 2.0 Security Update: mariadb (CVE-2024-1543)
The version of mariadb installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-1543 advisory. - The side-channel protected T-Table implementation in wolfSSL up to version 5.6.5 protects against a side-...
CBL Mariner 2.0 Security Update: mariadb (CVE-2023-6937)
The version of mariadb installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-6937 advisory. - wolfSSL prior to 5.6.6 did not check that messages in one DTLS record do not span key boundaries. As a resul...