The vulnerability of microprogrammed software in Schneider Electric Easergy P5 relay protection and control devices, related to the use of cryptographic algorithms containing defects, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of microprogrammed software in Schneider Electric Easergy P5 relay protection and control devices is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality,...

CVE-2022-22453

IBM Security Verify Identity Manager 10.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 224919...

CVE-2022-22453

CVE-2022-22453 affects IBM Security Verify Identity Manager 10.0 (virtual appliance component). The root cause is the use of weaker-than-expected cryptographic algorithms, allowing an attacker to decrypt highly sensitive information (confidentiality impact). IBM’s bulletin references a CVSS base ...

CVE-2022-22453

IBM Security Verify Identity Manager 10.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 224919...

EulerOS Virtualization 2.10.1 : openssl (EulerOS-SA-2022-2060)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of...

EulerOS Virtualization 2.10.0 : openssl (EulerOS-SA-2022-2032)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of...

Security Bulletin: security vulnerabilities have been fixed in IBM Security Verify Governance, Identity Manager virtual appliance component

Summary IBM Security Verify Governance, Identity Manager virtual appliance component has addressed the following vulnerabilities Vulnerability Details CVEID: CVE-2022-22453 DESCRIPTION: IBM Security Verify Identity Manager uses weaker than expected cryptographic algorithms that could allow an...

Unspecified Vulnerability in Dell BSAFE Crypto-C Micro Edition and Dell BSAFE Micro Edition Suite (CNVD-2022-84611)

Dell BSAFE Micro Edition Suite is a development toolkit that provides encryption, certificate, and transport layer security for c/c++ applications, devices, and systems.Dell BSAFE is a security software product that supports cryptographic algorithms, certificate chain validation, and Transport...

Unspecified Vulnerability in Dell BSAFE Crypto-C Micro Edition and Dell BSAFE Micro Edition Suite (CNVD-2022-84615)

Dell BSAFE Micro Edition Suite is a development toolkit that provides encryption, certificate, and transport layer security for c/c++ applications, devices, and systems.Dell BSAFE is a security software product that supports cryptographic algorithms, certificate chain validation, and Transport...

Dell BSAFE 安全漏洞

Dell BSAFE Micro Edition Suite is a development toolkit that provides encryption, certificate, and transport layer security for c/c++ applications, devices, and systems.Dell BSAFE is a security software product that supports cryptographic algorithms, certificate chain validation, and Transport...

[SECURITY] Fedora 36 Update: openssl-3.0.5-1.fc36

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...

Code injection

IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225081...

CVE-2022-22464

The CVE-2022-22464 entry concerns IBM Security Access Manager Appliance. Affected products are IBM Security Access Manager Appliance versions 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0. The issue is described as using weaker-than-expected cryptographic algorithms that could allow an attacker to d...

CVE-2022-22464

IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 225081...

DEBIAN-CVE-2022-32206

curl 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually...

Design/Logic Flaw

curl 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually...

Security Bulletin: Multiple security vulnerabilities fixed in IBM Security Verify Access Appliance (CVE-2022-22465, CVE-2022-22463, CVE-2022-22464)

Summary Multiple security vulnerabilities found in IBM Security Verify Access Appliance have been fixed. Vulnerability Details CVEID: CVE-2022-22465 DESCRIPTION: IBM Security Access Manager Appliance could allow a local user to obtain elevated privileges due to improper access permissions. CVSS...

NIST Announces First Four Quantum-Resistant Cryptographic Algorithms

The U.S. Department of Commerce's National Institute of Standards and Technology NIST has chosen the first set of quantum-resistant encryption algorithms that are designed to "withstand the assault of a future quantum computer." The post-quantum cryptography PQC technologies include the...

NIST Announces First Four Quantum-Resistant Cryptographic Algorithms

NISTs post-quantum computing cryptography standard process is entering its final phases. It announced the first four algorithms: For general encryption, used when we access secure websites, NIST has selected the CRYSTALS-Kyber algorithm. Among its advantages are comparatively small encryption key...

OpenSSL RSA Component Remote Code Execution Vulnerability

OpenSSL is an open source Openssl team's general-purpose cryptographic library capable of implementing Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. The product supports multiple encryption algorithms, including symmetric ciphers, hashing algorithms, secure hashing...