Vulnerabilities > Key Management Errors
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-15 | CVE-2018-12433 | Key Management Errors vulnerability in Cryptlib 3.4.4 cryptlib through 3.4.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. | 4.9 |
| 2018-06-13 | CVE-2018-7559 | Key Management Errors vulnerability in Opcfoundation Ua-.Net-Legacy and Ua-.Netstandard An issue was discovered in OPC UA .NET Standard Stack and Sample Code before GitHub commit 2018-04-12, and OPC UA .NET Legacy Stack and Sample Code before GitHub commit 2018-03-13. | 5.3 |
| 2018-06-12 | CVE-2018-0732 | Key Management Errors vulnerability in multiple products During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. | 7.5 |
| 2018-06-04 | CVE-2016-1000346 | Key Management Errors vulnerability in multiple products In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. | 3.7 |
| 2018-05-30 | CVE-2018-7534 | Key Management Errors vulnerability in Unisys Stealth Authorization Server In Stealth Authorization Server before 3.3.017.0 in Unisys Stealth Solution, an encryption key may be left in memory. | 4.7 |
| 2018-05-04 | CVE-2013-2233 | Key Management Errors vulnerability in Redhat Ansible Ansible before 1.2.1 makes it easier for remote attackers to conduct man-in-the-middle attacks by leveraging failure to cache SSH host keys. | 7.4 |
| 2018-04-18 | CVE-2016-10467 | Key Management Errors vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 820, and SD 820A, function ce_pkcs1_pss_padding_verify_auto_recover_saltlen assumes that the size of the encoded message is equal to the size of the RSA modulus. | 9.8 |
| 2018-04-18 | CVE-2016-10421 | Key Management Errors vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, key material is not always cleared properly. | 9.8 |
| 2018-04-12 | CVE-2015-0153 | Key Management Errors vulnerability in Dlink Dir-815 Firmware D-Link DIR-815 devices with firmware before 2.07.B01 allow remote attackers to obtain sensitive information by leveraging cleartext storage of the wireless key. | 7.5 |
| 2018-04-04 | CVE-2018-9234 | Key Management Errors vulnerability in multiple products GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey. | 7.5 |