Total
22 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-0734 | 6 Canonical, Debian, Netapp and 3 more | 20 Ubuntu Linux, Debian Linux, Cloud Backup and 17 more | 2023-12-10 | 4.3 MEDIUM | 5.9 MEDIUM |
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p). | |||||
CVE-2017-15906 | 5 Debian, Netapp, Openbsd and 2 more | 22 Debian Linux, Active Iq Unified Manager, Cloud Backup and 19 more | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files. |