Total
656 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-12402 | 5 Debian, Fedoraproject, Mozilla and 2 more | 6 Debian Linux, Fedora, Firefox and 3 more | 2024-11-21 | 4.4 Medium |
| During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secret primes. *Note:* An unmodified Firefox browser does not generate RSA keys in normal operation and is not affected, but products built on top of it might. This vulnerability affects Firefox < 78. | ||||
| CVE-2020-12401 | 2 Mozilla, Redhat | 3 Firefox, Enterprise Linux, Openshift Do | 2024-11-21 | 4.7 Medium |
| During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data. This vulnerability affects Firefox < 80 and Firefox for Android < 80. | ||||
| CVE-2020-12400 | 2 Mozilla, Redhat | 3 Firefox, Enterprise Linux, Openshift Do | 2024-11-21 | 4.7 Medium |
| When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel attack. This vulnerability affects Firefox < 80 and Firefox for Android < 80. | ||||
| CVE-2020-12399 | 3 Debian, Mozilla, Redhat | 5 Debian Linux, Firefox, Firefox Esr and 2 more | 2024-11-21 | 4.4 Medium |
| NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9. | ||||
| CVE-2020-11735 | 1 Wolfssl | 1 Wolfssl | 2024-11-21 | 5.3 Medium |
| The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular inverse when mapping to affine coordinates, aka a "projective coordinates leak." | ||||
| CVE-2020-11713 | 1 Wolfssl | 1 Wolfssl | 2024-11-21 | 7.5 High |
| wolfSSL 4.3.0 has mulmod code in wc_ecc_mulmod_ex in ecc.c that does not properly resist timing side-channel attacks. | ||||
| CVE-2020-11683 | 1 Linux4sam | 1 At91bootstrap | 2024-11-21 | 6.8 Medium |
| A timing side channel was discovered in AT91bootstrap before 3.9.2. It can be exploited by attackers with physical access to forge CMAC values and subsequently boot arbitrary code on an affected system. | ||||
| CVE-2020-11625 | 1 Avertx | 4 Hd438, Hd438 Firmware, Hd838 and 1 more | 2024-11-21 | 5.3 Medium |
| An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. Failed web UI login attempts elicit different responses depending on whether a user account exists. Because the responses indicate whether a submitted username is valid or not, they make it easier to identify legitimate usernames. If a login request is sent to ISAPI/Security/sessionLogin/capabilities using a username that exists, it will return the value of the salt given to that username, even if the password is incorrect. However, if a login request is sent using a username that is not present in the database, it will return an empty salt value. This allows attackers to enumerate legitimate usernames, facilitating brute-force attacks. NOTE: this is different from CVE-2020-7057. | ||||
| CVE-2020-11576 | 1 Argoproj | 1 Argo Cd | 2024-11-21 | 5.3 Medium |
| Fixed in v1.5.1, Argo version v1.5.0 was vulnerable to a user-enumeration vulnerability which allowed attackers to determine the usernames of valid (non-SSO) accounts because /api/v1/session returned 401 for an existing username and 404 otherwise. | ||||
| CVE-2020-11287 | 1 Qualcomm | 329 Aqt1000, Ar8031, Ar8035 and 326 more | 2024-11-21 | 7.5 High |
| Allowing RTT frames to be linked with non randomized MAC address by comparing the sequence numbers can lead to information disclosure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | ||||
| CVE-2020-10932 | 3 Arm, Debian, Fedoraproject | 3 Mbed Tls, Debian Linux, Fedora | 2024-11-21 | 4.7 Medium |
| An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. An attacker that can get precise enough side-channel measurements can recover the long-term ECDSA private key by (1) reconstructing the projective coordinate of the result of scalar multiplication by exploiting side channels in the conversion to affine coordinates; (2) using an attack described by Naccache, Smart, and Stern in 2003 to recover a few bits of the ephemeral scalar from those projective coordinates via several measurements; and (3) using a lattice attack to get from there to the long-term ECDSA private key used for the signatures. Typically an attacker would have sufficient access when attacking an SGX enclave and controlling the untrusted OS. | ||||
| CVE-2020-10102 | 1 Zammad | 1 Zammad | 2024-11-21 | 5.3 Medium |
| An issue was discovered in Zammad 3.0 through 3.2. The Forgot Password functionality is implemented in a way that would enable an anonymous user to guess valid user emails. In the current implementation, the application responds differently depending on whether the input supplied was recognized as associated with a valid user. This behavior could be used as part of a two-stage automated attack. During the first stage, an attacker would iterate through a list of account names to determine which correspond to valid accounts. During the second stage, the attacker would use a list of common passwords to attempt to brute force credentials for accounts that were recognized by the system in the first stage. | ||||
| CVE-2020-0549 | 6 Canonical, Debian, Fedoraproject and 3 more | 863 Ubuntu Linux, Debian Linux, Fedora and 860 more | 2024-11-21 | 5.5 Medium |
| Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2020-0548 | 2 Intel, Redhat | 859 Celeron 3855u, Celeron 3855u Firmware, Celeron 3865u and 856 more | 2024-11-21 | 5.5 Medium |
| Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2020-0464 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In resolv_cache_lookup of res_cache.cpp, there is a possible side channel information disclosure. This could lead to local information disclosure of accessed web resources with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-150371903 | ||||
| CVE-2019-9815 | 2 Apple, Mozilla | 4 Macos, Firefox, Firefox Esr and 1 more | 2024-11-21 | N/A |
| If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main thread and any worker threads. *Note: users need to update to macOS 10.14.5 in order to take advantage of this change.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7. | ||||
| CVE-2019-9792 | 2 Mozilla, Redhat | 7 Firefox, Firefox Esr, Thunderbird and 4 more | 2024-11-21 | 9.8 Critical |
| The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTIMIZED_OUT magic value to the running script during a bailout. This magic value can then be used by JavaScript to achieve memory corruption, which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66. | ||||
| CVE-2019-9495 | 6 Debian, Fedoraproject, Freebsd and 3 more | 9 Debian Linux, Fedora, Freebsd and 6 more | 2024-11-21 | 3.7 Low |
| The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful attack. Memory access patterns are visible in a shared cache. Weak passwords may be cracked. Versions of hostapd/wpa_supplicant 2.7 and newer, are not vulnerable to the timing attack described in CVE-2019-9494. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected. | ||||
| CVE-2019-9494 | 5 Fedoraproject, Freebsd, Opensuse and 2 more | 8 Fedora, Freebsd, Backports Sle and 5 more | 2024-11-21 | 5.9 Medium |
| The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected. | ||||
| CVE-2019-9472 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In DCRYPTO_equals of compare.c, there is a possible timing attack due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-130237611 | ||||