Total
475 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-27170 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2024-02-04 | 1.9 LOW | 4.7 MEDIUM |
| An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-f232326f6966. This affects pointer types that do not define a ptr_limit. | |||||
| CVE-2020-5143 | 1 Sonicwall | 2 Sonicos, Sonicosv | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management administrator username enumeration based on the server responses. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0. | |||||
| CVE-2020-4699 | 1 Ibm | 2 Security Access Manager, Security Verify Access | 2024-02-04 | 2.9 LOW | 5.3 MEDIUM |
| IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an attacker to obtain sensitive using timing side channel attacks which could aid in further attacks against the system. IBM X-Force ID: 186947. | |||||
| CVE-2020-12401 | 1 Mozilla | 1 Firefox | 2024-02-04 | 1.9 LOW | 4.7 MEDIUM |
| During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data. This vulnerability affects Firefox < 80 and Firefox for Android < 80. | |||||
| CVE-2020-0464 | 1 Google | 1 Android | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| In resolv_cache_lookup of res_cache.cpp, there is a possible side channel information disclosure. This could lead to local information disclosure of accessed web resources with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-150371903 | |||||
| CVE-2020-12912 | 1 Amd | 1 Energy Driver For Linux | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| A potential vulnerability in the AMD extension to Linux "hwmon" service may allow an attacker to use the Linux-based Running Average Power Limit (RAPL) interface to show various side channel attacks. In line with industry partners, AMD has updated the RAPL interface to require privileged access. | |||||
| CVE-2020-28208 | 1 Rocket.chat | 1 Rocket.chat | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| An email address enumeration vulnerability exists in the password reset function of Rocket.Chat through 3.9.1. | |||||
| CVE-2020-9389 | 1 Squaredup | 1 Squaredup | 2024-02-04 | 4.3 MEDIUM | 3.7 LOW |
| A username enumeration issue was discovered in SquaredUp before version 4.6.0. The login functionality was implemented in a way that would enable a malicious user to guess valid username due to a different response time from invalid usernames. | |||||
| CVE-2020-4660 | 1 Ibm | 2 Security Access Manager, Security Verify Access | 2024-02-04 | 2.9 LOW | 5.3 MEDIUM |
| IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an attacker to obtain sensitive using timing side channel attacks which could aid in further attacks against the system. IBM X-Force ID: 186140. | |||||
| CVE-2020-26939 | 1 Bouncycastle | 2 Legion-of-the-bouncy-castle, Legion-of-the-bouncy-castle-fips-java-api | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inputs. This occurs in org.bouncycastle.crypto.encodings.OAEPEncoding. Sending invalid ciphertext that decrypts to a short payload in the OAEP Decoder could result in the throwing of an early exception, potentially leaking some information about the private exponent of the RSA private key performing the encryption. | |||||
| CVE-2020-29480 | 3 Debian, Fedoraproject, Xen | 3 Debian Linux, Fedora, Xen | 2024-02-04 | 2.1 LOW | 2.3 LOW |
| An issue was discovered in Xen through 4.14.x. Neither xenstore implementation does any permission checks when reporting a xenstore watch event. A guest administrator can watch the root xenstored node, which will cause notifications for every created, modified, and deleted key. A guest administrator can also use the special watches, which will cause a notification every time a domain is created and destroyed. Data may include: number, type, and domids of other VMs; existence and domids of driver domains; numbers of virtual interfaces, block devices, vcpus; existence of virtual framebuffers and their backend style (e.g., existence of VNC service); Xen VM UUIDs for other domains; timing information about domain creation and device setup; and some hints at the backend provisioning of VMs and their devices. The watch events do not contain values stored in xenstore, only key names. A guest administrator can observe non-sensitive domain and device lifecycle events relating to other guests. This information allows some insight into overall system configuration (including the number and general nature of other guests), and configuration of other guests (including the number and general nature of other guests' devices). This information might be commercially interesting or might make other attacks easier. There is not believed to be exposure of sensitive data. Specifically, there is no exposure of VNC passwords, port numbers, pathnames in host and guest filesystems, cryptographic keys, or within-guest data. | |||||
| CVE-2020-1685 | 1 Juniper | 8 Junos, Qfx5100, Qfx5110 and 5 more | 2024-02-04 | 5.0 MEDIUM | 5.8 MEDIUM |
| When configuring stateless firewall filters in Juniper Networks EX4600 and QFX 5000 Series devices using Virtual Extensible LAN protocol (VXLAN), the discard action will fail to discard traffic under certain conditions. Given a firewall filter configuration similar to: family ethernet-switching { filter L2-VLAN { term ALLOW { from { user-vlan-id 100; } then { accept; } } term NON-MATCH { then { discard; } } when there is only one term containing a 'user-vlan-id' match condition, and no other terms in the firewall filter except discard, the discard action for non-matching traffic will only discard traffic with the same VLAN ID specified under 'user-vlan-id'. Other traffic (e.g. VLAN ID 200) will not be discarded. This unexpected behavior can lead to unintended traffic passing through the interface where the firewall filter is applied. This issue only affects systems using VXLANs. This issue affects Juniper Networks Junos OS on QFX5K Series: 18.1 versions prior to 18.1R3-S7, except 18.1R3; 18.2 versions prior to 18.2R2-S7, 18.2R3-S1; 18.3 versions prior to 18.3R1-S5, 18.3R2-S4, 18.3R3; 18.4 versions prior to 18.4R1-S7, 18.4R2-S1, 18.4R3; 19.1 versions prior to 19.1R1-S5, 19.1R2; 19.2 versions prior to 19.2R1-S5, 19.2R2. | |||||
| CVE-2020-3509 | 1 Cisco | 2 Cbr-8, Ios Xe | 2024-02-04 | 7.8 HIGH | 8.6 HIGH |
| A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the supervisor to crash, which could result in a denial of service (DoS) condition. The vulnerability is due to insufficient error handling when DHCP version 4 (DHCPv4) messages are parsed. An attacker could exploit this vulnerability by sending a malicious DHCPv4 message to or through a WAN interface of an affected device. A successful exploit could allow the attacker to cause a reload of the affected device. Note: On Cisco cBR-8 Converged Broadband Routers, all of the following are considered WAN interfaces: 10 Gbps Ethernet interfaces 100 Gbps Ethernet interfaces Port channel interfaces that include multiple 10 and/or 100 Gbps Ethernet interfaces | |||||
| CVE-2021-21181 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| Side-channel information leakage in autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | |||||
| CVE-2020-4661 | 1 Ibm | 2 Security Access Manager, Security Verify Access | 2024-02-04 | 2.9 LOW | 5.3 MEDIUM |
| IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an attacker to obtain sensitive using timing side channel attacks which could aid in further attacks against the system. IBM X-Force ID: 186142. | |||||
| CVE-2020-12402 | 4 Debian, Fedoraproject, Mozilla and 1 more | 4 Debian Linux, Fedora, Firefox and 1 more | 2024-02-04 | 1.2 LOW | 4.4 MEDIUM |
| During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secret primes. *Note:* An unmodified Firefox browser does not generate RSA keys in normal operation and is not affected, but products built on top of it might. This vulnerability affects Firefox < 78. | |||||
| CVE-2020-9588 | 1 Magento | 1 Magento | 2024-02-04 | 6.5 MEDIUM | 7.2 HIGH |
| Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an observable timing discrepancy vulnerability. Successful exploitation could lead to signature verification bypass. | |||||
| CVE-2020-16150 | 3 Arm, Debian, Fedoraproject | 3 Mbed Tls, Debian Linux, Fedora | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length. | |||||
| CVE-2020-13844 | 2 Arm, Opensuse | 15 Cortex-a32, Cortex-a32 Firmware, Cortex-a34 and 12 more | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation." | |||||
| CVE-2020-6531 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2024-02-04 | 4.3 MEDIUM | 4.3 MEDIUM |
| Side-channel information leakage in scroll to text in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||