Total
632 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-23218 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | N/A | 5.9 MEDIUM |
| A timing side-channel issue was addressed with improvements to constant-time computation in cryptographic functions. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An attacker may be able to decrypt legacy RSA PKCS#1 v1.5 ciphertexts without having the private key. | |||||
| CVE-2024-23170 | 1 Arm | 1 Mbed Tls | 2024-11-21 | N/A | 5.5 MEDIUM |
| An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages for decryption, as described in "Everlasting ROBOT: the Marvin Attack" by Hubert Kario. | |||||
| CVE-2024-22647 | 1 Seopanel | 1 Seo Panel | 2024-11-21 | N/A | 5.3 MEDIUM |
| An user enumeration vulnerability was found in SEO Panel 4.10.0. This issue occurs during user authentication, where a difference in error messages could allow an attacker to determine if a username is valid or not, enabling a brute-force attack with valid usernames. | |||||
| CVE-2024-21671 | 1 Vantage6 | 1 Vantage6 | 2024-11-21 | N/A | 3.7 LOW |
| The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). It is possible to find out usernames from the response time of login requests. This could aid attackers in credential attacks. Version 4.2.0 patches this vulnerability. | |||||
| CVE-2024-21484 | 1 Jsrsasign Project | 1 Jsrsasign | 2024-11-21 | N/A | 7.5 HIGH |
| Versions of the package jsrsasign before 11.0.0 are vulnerable to Observable Discrepancy via the RSA PKCS1.5 or RSAOAEP decryption process. An attacker can decrypt ciphertexts by exploiting the Marvin security flaw. Exploiting this vulnerability requires the attacker to have access to a large number of ciphertexts encrypted with the same key. Workaround The vulnerability can be mitigated by finding and replacing RSA and RSAOAEP decryption with another crypto library. | |||||
| CVE-2024-0914 | 2 Opencryptoki Project, Redhat | 2 Opencryptoki, Enterprise Linux | 2024-11-21 | N/A | 5.9 MEDIUM |
| A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key. | |||||
| CVE-2024-0553 | 3 Fedoraproject, Gnu, Redhat | 3 Fedora, Gnutls, Enterprise Linux | 2024-11-21 | N/A | 7.5 HIGH |
| A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981. | |||||
| CVE-2024-0202 | 1 Cryptlib | 1 Cryptlib | 2024-11-21 | N/A | 5.9 MEDIUM |
| A security vulnerability has been identified in the cryptlib cryptographic library when cryptlib is compiled with the support for RSA key exchange ciphersuites in TLS (by setting the USE_RSA_SUITES define), it will be vulnerable to the timing variant of the Bleichenbacher attack. An attacker that is able to perform a large number of connections to the server will be able to decrypt RSA ciphertexts or forge signatures using server's certificate. | |||||
| CVE-2023-6258 | 1 Latchset | 1 Pkcs11-provider | 2024-11-21 | N/A | 8.1 HIGH |
| A security vulnerability has been identified in the pkcs11-provider, which is associated with Public-Key Cryptography Standards (PKCS#11). If exploited successfully, this vulnerability could result in a Bleichenbacher-like security flaw, potentially enabling a side-channel attack on PKCS#1 1.5 decryption. | |||||
| CVE-2023-6240 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | N/A | 6.5 MEDIUM |
| A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network attacker to decrypt ciphertexts or forge signatures, limiting the services that use that private key. | |||||
| CVE-2023-6135 | 1 Mozilla | 1 Firefox | 2024-11-21 | N/A | 4.3 MEDIUM |
| Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121. | |||||
| CVE-2023-5992 | 2 Opensc Project, Redhat | 11 Opensc, Enterprise Linux, Enterprise Linux Eus and 8 more | 2024-11-21 | N/A | 5.6 MEDIUM |
| A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data. | |||||
| CVE-2023-5981 | 3 Fedoraproject, Gnu, Redhat | 3 Fedora, Gnutls, Linux | 2024-11-21 | N/A | 5.9 MEDIUM |
| A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. | |||||
| CVE-2023-5722 | 1 Mozilla | 1 Firefox | 2024-11-21 | N/A | 5.3 MEDIUM |
| Using iterative requests an attacker was able to learn the size of an opaque response, as well as the contents of a server-supplied Vary header. This vulnerability affects Firefox < 119. | |||||
| CVE-2023-5410 | 2024-11-21 | N/A | 8.2 HIGH | ||
| A potential security vulnerability has been reported in the system BIOS of certain HP PC products, which might allow memory tampering. HP is releasing mitigation for the potential vulnerability. | |||||
| CVE-2023-52323 | 1 Pycryptodome | 2 Pycryptodome, Pycryptodomex | 2024-11-21 | N/A | 5.9 MEDIUM |
| PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack. | |||||
| CVE-2023-51437 | 1 Apache | 1 Pulsar | 2024-11-21 | N/A | 7.4 HIGH |
| Observable timing discrepancy vulnerability in Apache Pulsar SASL Authentication Provider can allow an attacker to forge a SASL Role Token that will pass signature verification. Users are recommended to upgrade to version 2.11.3, 3.0.2, or 3.1.1 which fixes the issue. Users should also consider updating the configured secret in the `saslJaasServerRoleTokenSignerSecretPath` file. Any component matching an above version running the SASL Authentication Provider is affected. That includes the Pulsar Broker, Proxy, Websocket Proxy, or Function Worker. 2.11 Pulsar users should upgrade to at least 2.11.3. 3.0 Pulsar users should upgrade to at least 3.0.2. 3.1 Pulsar users should upgrade to at least 3.1.1. Any users running Pulsar 2.8, 2.9, 2.10, and earlier should upgrade to one of the above patched versions. For additional details on this attack vector, please refer to https://codahale.com/a-lesson-in-timing-attacks/ . | |||||
| CVE-2023-50979 | 1 Cryptopp | 1 Crypto\+\+ | 2024-11-21 | N/A | 5.9 MEDIUM |
| Crypto++ (aka cryptopp) through 8.9.0 has a Marvin side channel during decryption with PKCS#1 v1.5 padding. | |||||
| CVE-2023-50782 | 3 Couchbase, Cryptography.io, Redhat | 5 Couchbase Server, Cryptography, Ansible Automation Platform and 2 more | 2024-11-21 | N/A | 7.5 HIGH |
| A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data. | |||||
| CVE-2023-50781 | 2 M2crypto Project, Redhat | 3 M2crypto, Enterprise Linux, Update Infrastructure | 2024-11-21 | N/A | 7.5 HIGH |
| A flaw was found in m2crypto. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data. | |||||