exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 30

CVE-2020-6829

больше 5 лет назад

When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed. This vulnerability affects Firefox < 80 and Firefox for Android < 80.

CVSS3: 5.3

EPSS: Низкий

CVE-2020-6829

больше 5 лет назад

When performing EC scalar point multiplication, the wNAF point multipl ...

CVSS3: 5.3

EPSS: Низкий

CVE-2020-12403

больше 4 лет назад

A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest threat from this vulnerability is to confidentiality and system availability.

CVSS3: 9.1

EPSS: Низкий

CVE-2020-12403

больше 5 лет назад

CVSS3: 7.4

EPSS: Низкий

CVE-2020-12403

больше 4 лет назад

CVSS3: 9.1

EPSS: Низкий

CVE-2020-12403

больше 4 лет назад

A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20 it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest threat from this vulnerability is to confidentiality and system availability.

CVSS3: 9.1

EPSS: Низкий

CVE-2020-12403

больше 4 лет назад

A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS i ...

CVSS3: 9.1

EPSS: Низкий

GHSA-cc99-55qg-f87r

больше 3 лет назад

CVSS3: 5.3

EPSS: Низкий

GHSA-9h25-47mw-52hh

больше 3 лет назад

CVSS3: 9.1

EPSS: Низкий

BDU:2020-03953

больше 5 лет назад

Уязвимость компонента Knowledge Management программной интеграционной платформы SAP NetWeaver, позволяющая нарушителю осуществить межсайтовые сценарные атаки

CVSS3: 9

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2020-6829 When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed. This vulnerability affects Firefox < 80 and Firefox for Android < 80.	CVSS3: 5.3	0% Низкий	больше 5 лет назад
CVE-2020-6829 When performing EC scalar point multiplication, the wNAF point multipl ...	CVSS3: 5.3	0% Низкий	больше 5 лет назад
CVE-2020-12403 A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest threat from this vulnerability is to confidentiality and system availability.	CVSS3: 9.1	0% Низкий	больше 4 лет назад
CVE-2020-12403 A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest threat from this vulnerability is to confidentiality and system availability.	CVSS3: 7.4	0% Низкий	больше 5 лет назад
CVE-2020-12403 A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest threat from this vulnerability is to confidentiality and system availability.	CVSS3: 9.1	0% Низкий	больше 4 лет назад
CVE-2020-12403 A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20 it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest threat from this vulnerability is to confidentiality and system availability.	CVSS3: 9.1	0% Низкий	больше 4 лет назад
CVE-2020-12403 A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS i ...	CVSS3: 9.1	0% Низкий	больше 4 лет назад
GHSA-cc99-55qg-f87r When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed. This vulnerability affects Firefox < 80 and Firefox for Android < 80.	CVSS3: 5.3	0% Низкий	больше 3 лет назад
GHSA-9h25-47mw-52hh A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest threat from this vulnerability is to confidentiality and system availability.	CVSS3: 9.1	0% Низкий	больше 3 лет назад
BDU:2020-03953 Уязвимость компонента Knowledge Management программной интеграционной платформы SAP NetWeaver, позволяющая нарушителю осуществить межсайтовые сценарные атаки	CVSS3: 9	0% Низкий	больше 5 лет назад

Уязвимостей на страницу