Total
613 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-18222 | 3 Arm, Debian, Fedoraproject | 4 Mbed Crypto, Mbed Tls, Debian Linux and 1 more | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
| The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks. | |||||
| CVE-2019-16863 | 1 St | 8 St33tphf20i2c, St33tphf20i2c Firmware, St33tphf20spi and 5 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow attackers to extract the ECDSA private key via a side-channel timing attack because ECDSA scalar multiplication is mishandled, aka TPM-FAIL. | |||||
| CVE-2019-16669 | 1 Pagekit | 1 Pagekit | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| The Reset Password feature in Pagekit 1.0.17 gives a different response depending on whether the e-mail address of a valid user account is entered, which might make it easier for attackers to enumerate accounts. | |||||
| CVE-2019-16516 | 1 Connectwise | 1 Control | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is a user enumeration vulnerability, allowing an unauthenticated attacker to determine with certainty if an account exists for a given username. | |||||
| CVE-2019-16394 | 3 Canonical, Debian, Spip | 3 Ubuntu Linux, Debian Linux, Spip | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| SPIP before 3.1.11 and 3.2 before 3.2.5 provides different error messages from the password-reminder page depending on whether an e-mail address exists, which might help attackers to enumerate subscribers. | |||||
| CVE-2019-15809 | 5 Athena-scs, Cryptsoft, Microchip and 2 more | 5 Idprotect, S\/a Idflex V, Atmel Toolbox and 2 more | 2024-11-21 | 1.2 LOW | 4.7 MEDIUM |
| Smart cards from the Athena SCS manufacturer, based on the Atmel Toolbox 00.03.11.05 and the AT90SC chip, contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private key used. The issue occurs because the Atmel Toolbox 00.03.11.05 contains two versions of ECDSA signature functions, described as fast and secure, but the affected cards chose to use the fast version, which leaks the bit length of the random nonce via timing. This affects Athena IDProtect 010b.0352.0005, Athena IDProtect 010e.1245.0002, Athena IDProtect 0106.0130.0401, Athena IDProtect 010e.1245.0002, Valid S/A IDflex V 010b.0352.0005, SafeNet eToken 4300 010e.1245.0002, TecSec Armored Card 010e.0264.0001, and TecSec Armored Card 108.0264.0001. | |||||
| CVE-2019-14356 | 1 Coinkite | 4 Coldcard Mk1, Coldcard Mk1 Firmware, Coldcard Mk2 and 1 more | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| ** DISPUTED ** On Coldcard MK1 and MK2 devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might be able to leverage this behavior to recover confidential secrets such as the PIN and BIP39 mnemonic. In other words, the side channel is relevant only if the attacker has enough control over the device's USB connection to make power-consumption measurements at a time when secret data is displayed. The side channel is not relevant in other circumstances, such as a stolen device that is not currently displaying secret data. On Coldcard MK1 and MK2 devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial recovery of display contents. For example, a hardware implant in the USB cable might be able to leverage this behavior to recover confidential secrets such as the PIN and BIP39 mnemonic. In other words, the side channel is relevant only if the attacker has enough control over the device's USB connection to make power-consumption measurements at a time when secret data is displayed. The side channel is not relevant in other circumstances, such as a stolen device that is not currently displaying secret data. NOTE: At Coinkite, we’ve already mitigated it, even though we feel strongly that it is not a legitimate issue. In our opinion, it is both unproven (might not even work) and also completely impractical—even if it could be made to work perfectly. | |||||
| CVE-2019-13628 | 1 Wolfssl | 1 Wolfssl | 2024-11-21 | 1.2 LOW | 4.7 MEDIUM |
| wolfSSL and wolfCrypt 4.0.0 and earlier (when configured without --enable-fpecc, --enable-sp, or --enable-sp-math) contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to precisely measure the duration of signature operations, to infer information about the nonces used and potentially mount a lattice attack to recover the private key used. The issue occurs because ecc.c scalar multiplication might leak the bit length. | |||||
| CVE-2019-13599 | 1 Centos-webpanel | 1 Centos Web Panel | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.848, the Login process allows attackers to check whether a username is valid by comparing response times. | |||||
| CVE-2019-13456 | 4 Freeradius, Linux, Opensuse and 1 more | 4 Freeradius, Linux Kernel, Leap and 1 more | 2024-11-21 | 2.9 LOW | 6.5 MEDIUM |
| In FreeRADIUS 3.0 through 3.0.19, on average 1 in every 2048 EAP-pwd handshakes fails because the password element cannot be found within 10 iterations of the hunting and pecking loop. This leaks information that an attacker can use to recover the password of any user. This information leakage is similar to the "Dragonblood" attack and CVE-2019-9494. | |||||
| CVE-2019-13420 | 1 Search-guard | 1 Search Guard | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| Search Guard versions before 21.0 had an timing side channel issue when using the internal user database. | |||||
| CVE-2019-13383 | 1 Centos-webpanel | 1 Centos Web Panel | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, the Login process allows attackers to check whether a username is valid by reading the HTTP response. | |||||
| CVE-2019-13377 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel attack that can be used for full password recovery. | |||||
| CVE-2019-12383 | 1 Torproject | 1 Tor Browser | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| Tor Browser before 8.0.1 has an information exposure vulnerability. It allows remote attackers to detect the browser's UI locale by measuring a button width, even if the user has a "Don't send my language" setting. | |||||
| CVE-2019-11743 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2024-11-21 | 4.3 MEDIUM | 3.7 LOW |
| Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specification in some instances for the unload event, which restricts access to detailed timing attributes to only be same-origin. This resulted in potential cross-origin information exposure of history through timing side-channel attacks. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1. | |||||
| CVE-2019-11465 | 1 Couchbase | 1 Couchbase Server | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in Couchbase Server 5.5.x through 5.5.3 and 6.0.0. The Memcached "connections" stat block command emits a non-redacted username. The system information submitted to Couchbase as part of a bug report included the usernames for all users currently logged into the system even if the log was redacted for privacy. This has been fixed (in 5.5.4 and 6.0.1) so that usernames are tagged properly in the logs and are hashed out when the logs are redacted. | |||||
| CVE-2019-10848 | 1 Computrols | 1 Computrols Building Automation Software | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Computrols CBAS 18.0.0 allows Username Enumeration. | |||||
| CVE-2019-10764 | 1 Simplito | 1 Elliptic-php | 2024-11-21 | 5.8 MEDIUM | 7.4 HIGH |
| In elliptic-php versions priot to 1.0.6, Timing attacks might be possible which can result in practical recovery of the long-term private key generated by the library under certain conditions. Leakage of a bit-length of the scalar during scalar multiplication is possible on an elliptic curve which might allow practical recovery of the long-term private key. | |||||
| CVE-2019-10233 | 1 Glpi-project | 1 Glpi | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| Teclib GLPI before 9.4.1.1 is affected by a timing attack associated with a cookie. | |||||
| CVE-2019-10114 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An Information Exposure issue (issue 2 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. During the OAuth authentication process, the application attempts to validate a parameter in an insecure way, potentially exposing data. | |||||