Security Bulletin: IBM Security Network Intrusion Prevention System is affected by multiple vulnerabilities

Summary Multiple security vulnerabilities CVE-2018-1426, CVE-2018-1427, CVE-2018-1428, CVE-2017-3736, CVE-2017-3732, CVE-2016-0705, and CVE-2018-1447 have been discovered in GSKit used with IBM Security Network Intrusion Prevention System. Vulnerability Details CVEID: CVE-2016-0705 DESCRIPTION:...

IBM Cognos Analytics has an unspecified vulnerability (CNVD-2022-11191)

IBM Cognos Analytics is a suite of business intelligence software from IBM Corporation. The software includes reports, dashboards and scorecards, and can help companies adjust their decisions by analyzing key factors and key people, etc. A security vulnerability exists in IBM Cognos Analytics...

Design/Logic Flaw

Due to weak obfuscation, IBM Cognos Analytics Mobile for Android application prior to version 1.1.14 , an attacker could be able to reverse engineer the codebase to gain knowledge about the programming technique, interface, class definitions, algorithms and functions used. IBM X-Force ID: 215593...

Security Bulletin: Multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect Snapshot (formerly Tivoli Storage FlashCopy Manager) for VMware

Summary There are multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect Snapshot formerly Tivoli Storage FlashCopy Manager for VMware. IBM Spectrum Protect Snapshot for VMware has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-0702 DESCRIPTION: OpenSSL...

CVE-2021-4160

There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis...

OpenSSL: BN_mod_exp may produce incorrect results on MIPS (CVE-2021-4160) - Linux

OpenSSL is prone to a carry propagation vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you ca...

FreeBSD : OpenSSL -- BN_mod_exp incorrect results on MIPS (1aaaa5c6-804d-11ec-8be6-d4c9ef517024)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 1aaaa5c6-804d-11ec-8be6-d4c9ef517024 advisory. - There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are...

DEBIAN-CVE-2021-4160

There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis...

CVE-2021-4160

There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis...

CVE-2021-4160

There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis...

CVE-2021-4160

There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis...

Design/Logic Flaw

There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis...

CVE-2021-4160 BN_mod_exp may produce incorrect results on MIPS

There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis...

CVE-2021-4160

CVE-2021-4160 describes a carry propagation bug in the MIPS32/MIPS64 squaring procedure that can affect OpenSSL on MIPS platforms. The issue could impact RSA/DSA/DH and TLS operations under certain conditions, with practical exploitation described as very difficult or limited. Remediation is prov...

CVE-2021-4160

There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis...

Vulnerability in OpenSSL - BN_mod_exp may produce incorrect results on MIPS

There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis...

OpenSSL -- BN_mod_exp incorrect results on MIPS

The OpenSSL project reports: BNmodexp may produce incorrect results on MIPS Moderate There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the...

OpenSSL 1.1.1 < 1.1.1m Vulnerability

The version of OpenSSL installed on the remote host is prior to 1.1.1m. It is, therefore, affected by a vulnerability as referenced in the 1.1.1m advisory. - There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1....

IBM DB2 9.7 < 9.7 FP 11 40985 / 10.1 < 10.1 FP 6 40986 / 10.5 < 10.5 FP 11 40988 / 11.1 < 11.1.4 FP 6 41025 / 11.5 < 11.5.7 Information Disclosure (Windows)

According to its self-reported version number, IBM Db2 is affected by an information disclosure vulnerability due to it using weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. Note that Nessus has not tested for this issue but has...

Security Bulletin: IBM Db2® Warehouse has released a fix in response to multiple vulnerabilities found in IBM Db2®

Summary IBM has released the following fix for IBM Db2® Warehouse in response to multiple vulnerabilities found in IBM Db2®. Vulnerability Details CVEID: CVE-2021-38931 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.1, and 11.5 is vulnerable to an information...