135 matches found
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Security Network Intrusion Prevention System (CVE-2015-3194, CVE-2015-3195, and CVE-2015-3196)
Summary Security vulnerabilities have been discovered in OpenSSL used with IBM Security Network Intrusion Prevention System. Vulnerability Details CVEID: CVE-2015-3194 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference when verifying certificates via a...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2015-1794
Summary OpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. OpenSSL is used by IBM Spectrum Control and Tivoli Storage Productivity Center. IBM Spectrum Control and Tivoli Storage Productivity Center have addressed the applicable CVEs. Vulnerability Details CVEID:...
Security Bulletin: December 2015 OpenSSL Vulnerabilities in Multiple N series Products
Summary Multiple N series products incorporate the OpenSSL software libraries to provide cryptographic capabilities. OpenSSL versions below 1.0.2e, 1.0.1q, 1.0.0t, and 0.9.8zh are susceptible to vulnerabilities that could lead to a denial of service attack or information disclosure. Multiple N...
SUSE: Security Advisory (SUSE-SU-2021:3196-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-3196
An issue was discovered in Hitachi ID Bravura Security Fabric 11.0.0 through 11.1.3, 12.0.0 through 12.0.2, and 12.1.0. When using federated identity management authenticating via SAML through a third-party identity provider, an attacker can inject additional data into a signed SAML response bein...
CVE-2021-3196
Hitachi ID Bravura Security Fabric is affected (versions 11.0.0–11.1.3, 12.0.0–12.0.2, 12.1.0). The root cause is that, during federated identity management via SAML, an attacker can inject extra data into a signed SAML response and the service provider uses the unsigned values, enabling imperson...
CVE-2021-3196
An issue was discovered in Hitachi ID Bravura Security Fabric 11.0.0 through 11.1.3, 12.0.0 through 12.0.2, and 12.1.0. When using federated identity management authenticating via SAML through a third-party identity provider, an attacker can inject additional data into a signed SAML response bein...
SUSE: Security Advisory (SUSE-SU-2016:0786-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:2253-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:2237-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:2230-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 8 : firefox (CESA-2019:3196)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2019:3196 advisory. - Mozilla: Use-after-free when creating index updates in IndexedDB CVE-2019-11757 - Mozilla: Potentially exploitable crash due to 360 Total Security...
Security Bulletin: OpenSSL vulnerabilities affect IBM SmartCloud Entry
Summary IBM SmartCloud Entry is vulnerable to several OpenSSL vulnerabilities, attackers could exploit them to cause a denial of service or execute arbitrary code on the system. Vulnerability Details CVEID: CVE-2015-3194 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Sterling B2B Integrator (CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2015-1794)
Summary OpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. OpenSSL is used by IBM Sterling B2B Integrator. IBM Sterling B2B Integrator has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-3193 DESCRIPTION: OpenSSL could allow a remote attacker t...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Rational Application Developer for WebSphere Software (CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2015-1794)
Summary OpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. OpenSSL is used by IBM Rational Application Developer for WebSphere Software. IBM Rational Application Developer for WebSphere Software has addressed the applicable CVEs. Vulnerability Details CVEID:...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware
Summary OpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. OpenSSL is used by IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware. IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware has addressed the applicable...
CVE-2018-3196
CVE-2018-3196 affects Oracle E-Business Suite, Partner Management component (Partner Dashboard). Affected versions: 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7. The vulnerability allows an unauthenticated attacker with network access via HTTP to compromise Oracle Partner Manage...
CVE-2018-3196
Vulnerability in the Oracle Partner Management component of Oracle E-Business Suite subcomponent: Partner Dashboard. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with...
Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Rational ClearQuest (CVE-2015-3196, CVE-2015-3193, CVE-2015-3194, CVE-2015-3195)
Summary OpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. OpenSSL is used by IBM Rational ClearQuest. IBM Rational ClearQuest has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-3196 DESCRIPTION: OpenSSL is vulnerable to a denial of service,...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Rational ClearCase (CVE-2015-3194, CVE-2015-3196, CVE-2016-0702)
Summary OpenSSL vulnerabilities were disclosed on December 3, 2015 and March 1, 2016 by the OpenSSL Project. OpenSSL is used by IBM Rational ClearCase. IBM Rational ClearCase has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-3194 DESCRIPTION: OpenSSL is vulnerable to a deni...