Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
crypto vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-34381
Dell BSAFE SSL-J version 7.0 and all versions before 6.5, and Dell BSAFE Crypto-J versions before 6.2.6.1 contain an unmaintained third-party component vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to the compromise of th...
Dell Bsafe Ssl-j 7.0
Dell Bsafe Ssl-j
Dell Bsafe Crypto-j
5.9
CVSSv3
CVE-2020-10941
Arm Mbed TLS prior to 2.16.5 allows malicious users to obtain sensitive information (an RSA private key) by measuring cache usage during an import.
Arm Mbed Crypto
Arm Mbed Tls
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 10.0
4.7
CVSSv3
CVE-2019-18222
The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS up to and including 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local malicious user to recover the private key via side-channel attacks.
Arm Mbed Tls
Arm Mbed Crypto
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 10.0
5.3
CVSSv3
CVE-2019-16910
Arm Mbed TLS prior to 2.19.0 and Arm Mbed Crypto prior to 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an malicious user to recover a private key via side-channel attacks if a victim signs the same message many t...
Arm Mbed Crypto
Arm Mbed Tls
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2020-29505
Dell BSAFE Crypto-C Micro Edition, versions prior to 4.1.5, and Dell BSAFE Micro Edition Suite, versions prior to 4.5.2, contain a Key Management Error Vulnerability.
Dell Bsafe Micro-edition-suite
Dell Bsafe Crypto-c-micro-edition
Oracle Retail Customer Insights 15.0.2
Oracle Retail Customer Insights 16.0.2
6.5
CVSSv3
CVE-2021-40125
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote malicious user to trigger a denial of service (DoS) condition o...
Cisco Firepower Threat Defense
Cisco Adaptive Security Appliance Software
Cisco Asa 5512-x Firmware 009.016\\(001.025\\)
Cisco Asa 5505 Firmware 009.016\\(001.025\\)
Cisco Asa 5515-x Firmware 009.016\\(001.025\\)
Cisco Asa 5525-x Firmware 009.016\\(001.025\\)
Cisco Asa 5545-x Firmware 009.016\\(001.025\\)
Cisco Asa 5555-x Firmware 009.016\\(001.025\\)
Cisco Asa 5580 Firmware 009.016\\(001.025\\)
Cisco Asa 5585-x Firmware 009.016\\(001.025\\)
5.9
CVSSv3
CVE-2020-15522
Bouncy Castle BC Java prior to 1.66, BC C# .NET prior to 1.8.7, BC-FJA prior to 1.0.1.2, 1.0.2.1, and BC-FNA prior to 1.0.1.1 have a timing issue within the EC math library that can expose information about the private key when an attacker is able to observe timing information fo...
Bouncycastle Bc-csharp
Bouncycastle Bouncy Castle Fips .net Api
Bouncycastle Legion-of-the-bouncy-castle-fips-java-api
Bouncycastle The Bouncy Castle Crypto Package For Java
2 Github repositories
7.5
CVSSv3
CVE-2018-0154
A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insuffic...
Cisco Ios -
9.8
CVSSv3
CVE-2013-7459
Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote malicious users to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py.
Dlitz Pycrypto
Fedoraproject Fedora 25
Fedoraproject Fedora 24
7.4
CVSSv3
CVE-2022-20742
A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to read or modify data within an IPsec IKEv2 VPN tunnel. This vulnerability is due t...
Cisco Firepower Threat Defense 7.1.0
Cisco Firepower Threat Defense
Cisco Adaptive Security Appliance Software
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »