What is fuzz testing? What is it used to test for?

Fuzz testing, regularly known as fuzzing, is a product testing procedure that incorporates embedding flawed or arbitrary information FUZZ into a product framework to recognize coding issues and security issues. Fuzz testing involves infusing information into a framework utilizing robotized or...

CVE-2021-38921

IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 210067...

Code injection

IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 210067...

CVE-2021-38921

IBM Security Verify Access 10.0.0.0 is affected by CVE-2021-38921, where weaker-than-expected cryptographic algorithms could allow decrypting highly sensitive information. The CVE is listed in IBM’s advisories and the A2E bulletin, which also identifies the affected product version (10.0.0.0) and...

CVE-2021-38921

IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 210067...

What you need to know about how cryptography impacts your security strategy

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest post of our Voice of the Community blog series post, Microsoft Security Product Marketing Manager Natalia Godyla talks with Taurus SA Co-founder...

Security Bulletin: IBM® Db2® is vulnerable to an information disclosure as it uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. (CVE-2021-39002)

Summary Db2 is vulnerable to an information disclosure as it uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. Vulnerability Details CVEID: CVE-2021-39002 DESCRIPTION: IBM DB2 for Linux, UNIX and Windows includes DB2 Connect...

PT-2021-6068 · Moxa · Moxa Tn-5900

Name of the Vulnerable Software and Affected Versions: Moxa TN-5900 devices through 3.1 Description: The issue is related to a weak algorithm used in the firmware of Moxa TN-5900 devices, which can be exploited by an attacker to defeat an inspection mechanism for integrity protection. This weakne...

Security Bulletin: IBM® Db2® On Openshift and IBM® Db2® and Db2 Warehouse® on Cloud Pak for Data hve released a fix in response to multiple vulnerabilities found in IBM Db2®

Summary IBM has released the following fix for IBM® Db2® On Openshift and IBM® Db2® and Db2 Warehouse® on Cloud Pak for Data in response to multiple vulnerabilities found in IBM Db2®. Vulnerability Details CVEID: CVE-2021-38931 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes DB2 Connect...

Security Bulletin: Miscellaneous security vulnerabilities in IBM Spectrum Copy Data Management

Summary IBM Spectrum Copy Data Management uses weaker than expected cryptographic algorithms, authentication, and password rules. In addition, IBM Spectrum Copy Data Management is vulnerable to execution of arbitrary commands on the system, obtaining sensitive information, and clickjacking...

OpenSSL 3.0.0 < 3.0.1 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.0.1 advisory. - There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the...

CVE-2021-39058

IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 214617...

Code injection

IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 211242...

Code injection

IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 214617...

CVE-2021-39058

IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 214617...

CVE-2021-39058

CVE-2021-39058 affects IBM Spectrum Copy Data Management, listing weaker-than-expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. Public sources (NVD entry) describe the affected product as IBM Spectrum Copy Data Management 2.2.13 and earlier. T...

CVE-2021-38947

CVE-2021-38947 affects IBM Spectrum Copy Data Management (2.2.13 and earlier). The root cause is the use of weaker-than-expected cryptographic algorithms, which could enable an attacker to decrypt highly sensitive information. The IBM security bulletin details broader vulnerabilities including cr...

CVE-2021-38947

IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 211242...

Security Bulletin: IBM QRadar SIEM is vulnerable to using weaker than expected cryptographic algorithms (CVE-2021-20400)

Summary IBM QRadar SIEM is vulnerable to using weaker than expected cryptographic algorithms Vulnerability Details CVEID: CVE-2021-20400 DESCRIPTION: IBM QRadar uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. CVSS Base score...

CVE-2021-38891

IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 209508...