|
246701
|
8.8 |
HIGH
Network
|
libbpg_project
|
libbpg
|
The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used in libbpg 0.9.8 and other products, has an integer overflow that leads to a heap-based buffer overflow and remote code executio…
|
CWE-787
CWE-190
Out-of-bounds Write
Integer Overflow or Wraparound
|
CVE-2018-12447
|
2024-11-21 12:45 |
2018-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246702
|
4.7 |
MEDIUM
Local
|
google
|
boringssl
|
BoringSSL through 2018-06-14 allows a memory-cache side-channel attack on DSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a DSA key, the attacker needs access to eit…
|
CWE-200
Information Exposure
|
CVE-2018-12440
|
2024-11-21 12:45 |
2018-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246703
|
4.7 |
MEDIUM
Local
|
matrixssl
|
matrixssl
|
MatrixSSL through 3.9.5 Open allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access t…
|
CWE-200
Information Exposure
|
CVE-2018-12439
|
2024-11-21 12:45 |
2018-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246704
|
4.9 |
MEDIUM
Physics
|
libsunec_project
|
libsunec
|
The Elliptic Curve Cryptography library (aka sunec or libsunec) allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECD…
|
CWE-200
CWE-320
Information Exposure
Key Management Errors
|
CVE-2018-12438
|
2024-11-21 12:45 |
2018-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246705
|
4.9 |
MEDIUM
Physics
|
libtom
linaro
|
libtomcrypt
op-tee
|
LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to …
|
CWE-200
Information Exposure
|
CVE-2018-12437
|
2024-11-21 12:45 |
2018-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246706
|
4.7 |
MEDIUM
Local
|
wolfssl
|
wolfssl
|
wolfcrypt/src/ecc.c in wolfSSL before 3.15.1.patch allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the a…
|
CWE-200
Information Exposure
|
CVE-2018-12436
|
2024-11-21 12:45 |
2018-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246707
|
5.9 |
MEDIUM
Local
|
botan_project
|
botan
|
Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP, related to dsa/dsa.cpp, ec_group/ec_group.c…
|
CWE-200
Information Exposure
|
CVE-2018-12435
|
2024-11-21 12:45 |
2018-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246708
|
4.7 |
MEDIUM
Local
|
openbsd
|
libressl
|
LibreSSL before 2.6.5 and 2.7.x before 2.7.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attack…
|
CWE-200
Information Exposure
|
CVE-2018-12434
|
2024-11-21 12:45 |
2018-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246709
|
4.9 |
MEDIUM
Physics
|
cryptlib
|
cryptlib
|
cryptlib through 3.4.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to eit…
|
CWE-200
CWE-320
Information Exposure
Key Management Errors
|
CVE-2018-12433
|
2024-11-21 12:45 |
2018-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246710
|
6.1 |
MEDIUM
Network
|
javamelody_project
|
javamelody
|
JavaMelody through 1.60.0 has XSS via the counter parameter in a clear_counter action to the /monitoring URI.
|
CWE-79
Cross-site Scripting
|
CVE-2018-12432
|
2024-11-21 12:45 |
2018-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
