CVSS: 9.8EPSS: 0%CPEs: 11EXPL: 0CVE-2020-29507
https://notcve.org/view.php?id=CVE-2020-29507
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.4, and Dell BSAFE Micro Edition Suite, versions before 4.4, contain an Improper Input Validation Vulnerability. Dell BSAFE Crypto-C Micro Edition, versiones anteriores a la 4.1.4, y Dell BSAFE Micro Edition Suite, versiones anteriores a la 4.4, contienen una vulnerabilidad de validación de entrada inadecuada • https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 11EXPL: 0CVE-2020-29506
https://notcve.org/view.php?id=CVE-2020-29506
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability. Dell BSAFE Crypto-C Micro Edition, versiones anteriores a la 4.1.5, y Dell BSAFE Micro Edition Suite, versiones anteriores a la 4.5.2, contienen una vulnerabilidad de discrepancia de tiempo observable • https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html • CWE-385: Covert Timing Channel •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2020-29505
https://notcve.org/view.php?id=CVE-2020-29505
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain a Key Management Error Vulnerability. Dell BSAFE Crypto-C Micro Edition, versiones anteriores a la 4.1.5, y Dell BSAFE Micro Edition Suite, versiones anteriores a la 4.5.2, contienen una vulnerabilidad de error en la gestión de claves • https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html • CWE-331: Insufficient Entropy •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2019-3733
https://notcve.org/view.php?id=CVE-2019-3733
RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vulnerable to three (3) different Improper Clearing of Heap Memory Before Release vulnerability, also known as 'Heap Inspection vulnerability'. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure. RSA BSAFE Crypto-C Micro Edition, todas las versiones anteriores a 4.1.4, es susceptible a tres (3) vulnerabilidades diferentes de Borrado Inapropiado de la Memoria de la Pila Antes de Liberarla, también se conoce como "Heap Inspection vulnerability". Un usuario remoto malicioso podría explotar esta vulnerabilidad para extraer información dejando los datos en riesgo de exposición. • https://www.dell.com/support/kbdoc/000194054 • CWE-316: Cleartext Storage of Sensitive Information in Memory CWE-459: Incomplete Cleanup •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2019-3732
https://notcve.org/view.php?id=CVE-2019-3732
RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x) are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure. RSA BSAFE Crypto-C Micro Edition, versiones anteriores a 4.0.5.3 (en versiones 4.0.x) y versiones anteriores a 4.1.3.3 (en versiones 4.1.x), y RSA Micro Edition Suite, versiones anteriores a 4.0.11 (en versiones 4.0. x), versiones anteriores a 4.1.6.1 (en versiones 4.1.x) y las versiones anteriores a 4.3.3 (versiones 4.2.x y 4.3.x), son vulnerables a una Exposición de Información por Discrepancia de Sincronización. Un usuario remoto malicioso podría explotar esta vulnerabilidad para extraer información dejando los datos en riesgo de exposición. • https://www.dell.com/support/kbdoc/000194054 • CWE-203: Observable Discrepancy CWE-385: Covert Timing Channel •