Skip to main content
CVE-2018-16869 MEDIUM This Month

A Bleichenbacher type side-channel based padding oracle attack was found in the way nettle handles endian conversion of RSA decrypted PKCS#1 v1.5 data. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required. No vendor patch available.

Oracle Information Disclosure Nettle
NVD
CVSS 3.1
5.7
EPSS
1.5%
CVE-2018-16868 MEDIUM This Month

A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS#1 v1.5 data. Rated medium severity (CVSS 5.6). No vendor patch available.

Oracle Information Disclosure Gnutls
NVD
CVSS 3.1
5.6
EPSS
0.6%
CVE-2018-7112 MEDIUM This Month

The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7,and G6 HPE servers allows local disclosure of privileged information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Integrated Lights Out 2 Firmware Integrated Lights Out 3 Firmware Integrated Lights Out 4 Firmware +98
NVD
CVSS 3.0
5.5
EPSS
0.7%
CVE-2018-7115 MEDIUM This Month

HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to a remote buffer overflow in dbman.exe opcode 10001 on Windows. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Intelligent Management Center
NVD
CVSS 3.0
5.3
EPSS
13.4%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy