CVE-2018-0495
- EPSS 0.23%
- Veröffentlicht 13.06.2018 23:29:00
- Zuletzt bearbeitet 21.11.2024 03:38:21
Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka ...
CVE-2015-7182
- EPSS 24.24%
- Veröffentlicht 05.11.2015 05:59:06
- Zuletzt bearbeitet 12.04.2025 10:46:40
Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to cause ...
CVE-2013-1620
- EPSS 0.81%
- Veröffentlicht 08.02.2013 19:55:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct di...