Vulmon
rsa vulnerabilities and exploits
NA
CVE-2023-5388
NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow a malicious user to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
NA
CVE-2024-2236
A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote malicious user to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.
1 Github repository
NA
CVE-2023-48703
RobotsAndPencils go-saml, a SAML client library written in Go, contains an authentication bypass vulnerability in all known versions. This is due to how the `xmlsec1` command line tool is called internally to verify the signature of SAML assertions. When `xmlsec1` is used without...
5.5
CVSSv3
CVE-2023-52472
In the Linux kernel, the following vulnerability has been resolved: crypto: rsa - add a check for allocation failure Static checkers insist that the mpi_alloc() allocation can fail so add a check to prevent a NULL dereference. Small allocations like this can't actually fail ...
Linux Linux Kernel
NA
CVE-2024-24681
An issue exists in Yealink Configuration Encrypt Tool (AES version) and Yealink Configuration Encrypt Tool (RSA version prior to 1.2). There is a single hardcoded key (used to encrypt provisioning documents) across customers' installations.
NA
CVE-2022-48625
Yealink Config Encrypt Tool add RSA prior to 1.2 has a built-in RSA key pair, and thus there is a risk of decryption by an adversary.
NA
CVE-2023-6935
wolfSSL SP Math All RSA implementation is vulnerable to the Marvin Attack, new variation of a timing Bleichenbacher style attack, when built with the following options to configure: --enable-all CFLAGS="-DWOLFSSL_STATIC_RSA" The define “WOLFSSL_STATIC_RSA” e...
2 Github repositories
7.5
CVSSv3
CVE-2023-50781
A flaw was found in m2crypto. This issue may allow a remote malicious user to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Redhat Update Infrastructure 4
M2crypto Project M2crypto -
7.5
CVSSv3
CVE-2023-50782
A flaw was found in the python-cryptography package. This issue may allow a remote malicious user to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.
Redhat Ansible Automation Platform 2.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Redhat Update Infrastructure 4
Python-cryptography Project Python-cryptography
5.9
CVSSv3
CVE-2024-0202
A security vulnerability has been identified in the cryptlib cryptographic library: when cryptlib is compiled with support for RSA key exchange ciphersuites in TLS (by setting the USE_RSA_SUITES define), it will be vulnerable to the timing variant of the Bleichenbacher attack....
Cryptlib Cryptlib