IDCVSSSummaryLast (major) updatePublished
CVE-2018-12438 1.9
The Elliptic Curve Cryptography library (aka sunec or libsunec) allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the loc
14-06-2018 - 22:29 14-06-2018 - 22:29
CVE-2018-12437 1.9
LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual mac
14-06-2018 - 22:29 14-06-2018 - 22:29
CVE-2018-12434 1.9
LibreSSL before 2.6.5 and 2.7.x before 2.7.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to either the local machine or a di
14-06-2018 - 22:29 14-06-2018 - 22:29
CVE-2018-12433 1.9
** DISPUTED ** cryptlib through 3.4.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to either the local machine or a different
14-06-2018 - 22:29 14-06-2018 - 22:29
CVE-2018-8970 5.8
The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c in LibreSSL 2.7.0 before 2.7.1 does not support a certain special case of a zero name length, which causes silent omission of hostname verification, and consequently allows man-in
24-03-2018 - 17:29 24-03-2018 - 17:29
CVE-2017-8301 2.6
LibreSSL 2.5.1 to 2.5.3 lacks TLS certificate verification if SSL_get_verify_result is relied upon for a later check of a verification result, in a use case where a user-provided verification callback returns 1, as demonstrated by acceptance of inval
10-05-2017 - 12:49 27-04-2017 - 13:59
CVE-2014-9424 7.5
Double free vulnerability in the ssl_parse_clienthello_use_srtp_ext function in d1_srtp.c in LibreSSL before 2.1.2 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a certain length-verificat
30-12-2014 - 10:35 28-12-2014 - 19:59
Back to Top Mark selected
Back to Top