CWE-385 vulnerabilities

40 results
CVE-2023-49092 | MEDIUM | RustCrypto/RSA vulnerable to a Marvin Attack via key recovery through timing sidechannels | EPSS 0.6%
CVE-2024-13176 | MEDIUM | Timing side-channel in ECDSA signature computation | EPSS 0.6%
CVE-2016-7056 | MEDIUM | A timing attack flaw was found in OpenSSL 1.0.1u and before that could allow a malicious user with local access to recover ECDSA P-256 priva | EPSS 0.6%
CVE-2025-59425 | HIGH | vLLM vulnerable to timing attack at bearer auth | EPSS 0.5%
CVE-2024-45192 | MEDIUM | An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session key | EPSS 0.5%
CVE-2024-36405 | MEDIUM | Control-flow timing leak in Kyber reference implementation when compiled with Clang 15-18 for -Os, -O1 and other options | EPSS 0.5%
CVE-2026-5598 | HIGH | Non-constant time comparisons risk private key leakage in FrodoKEM. | EPSS 0.5%
CVE-2025-53826 | HIGH | FileBrowser Has Insecure JWT Handling Which Allows Session Replay Attacks after Logout | EPSS 0.5%
CVE-2019-19338 | MEDIUM | A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculativ | EPSS 0.5%
CVE-2023-33855 | LOW | IBM Common Cryptographic Architecture information disclosure | EPSS 0.5%
CVE-2025-49087 | MEDIUM | In Mbed TLS 3.6.1 through 3.6.3 before 3.6.4, a timing discrepancy in block cipher padding removal allows an attacker to recover the plainte | EPSS 0.4%
CVE-2018-10846 | MEDIUM | A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker coul | EPSS 0.4%
CVE-2025-27587 | MEDIUM | OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture is vulnerable to a Minerva attack, exploitable by measuring the time of signing of r | EPSS 0.4%
CVE-2024-23170 | MEDIUM | An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This | EPSS 0.3%
CVE-2025-66442 | MEDIUM | In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in RSA and CBC/ECB decryption) that only occurs with LLVM's sele | EPSS 0.3%
CVE-2025-69893 | MEDIUM | A side-channel vulnerability exists in the implementation of BIP-39 mnemonic processing, as observed in Trezor One v1.13.0 to v1.14.0, Trezo | EPSS 0.2%
CVE-2026-6478 | MEDIUM | PostgreSQL discloses MD5-hashed passwords via covert timing channel | EPSS 0.2%
CVE-2025-29780 | MEDIUM | Post-Quantum Secure Feldman's Verifiable Secret Sharing has Timing Side-Channels in Matrix Operations | EPSS 0.2%
CVE-2025-7396 | MEDIUM | Curve25519 Blinding | EPSS 0.2%
CVE-2024-11862 | MEDIUM | Non constant time cryptographic operation in Devolutions.XTS.NET 2024.11.19 and earlier allows an attacker to render half of the encryption | EPSS 0.1%