2230 matches found
CVE-2021-39215 Authentication Bypass: Forged Tokens Allow Access to Arbitrary Rooms
Jitsi Meet is an open source video conferencing application. In versions prior to 2.0.5963, a Prosody module allows the use of symmetrical algorithms to validate JSON web tokens. This means that tokens generated by arbitrary sources can be used to gain authorization to protected rooms. This issue...
Fedora: Security Advisory for openssl (FEDORA-2021-974adcb4a6)
The remote host is missing an update for the...
Security Bulletin: IBM QRadar SIEM is vulnerable to using weaker than expected cryptographic algorithms (CVE-2021-29750)
Summary: IBM QRadar SIEM is vulnerable to using weaker than expected cryptographic algorithms. Vulnerability Details: CVEID: CVE-2021-29750. DESCRIPTION: IBM QRadar uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. CVSS Base score...
[SECURITY] Fedora 33 Update: openssl-1.1.1l-1.fc33
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...
Fedora: Security Advisory for openssl (FEDORA-2021-c614315daa)
The remote host is missing an update for the...
Laurent Rineau CGAL Code Execution Vulnerability
Laurent Rineau CGAL is an open source application from Laurent Rineau. It provides access to geometric algorithms in the form of a C library. Laurent Rineau CGAL suffers from a security vulnerability that could be exploited by an attacker to cause out-of-range reads and type confusion through the...
Laurent Rineau CGAL Code Execution Vulnerability (CNVD-2022-32788)
Laurent Rineau CGAL is an open source application from Laurent Rineau. It provides access to geometric algorithms in the form of C libraries. Laurent Rineau CGAL suffers from a security vulnerability that can be exploited by an attacker to cause out-of-range reads and type confusion via a...
[SECURITY] Fedora 34 Update: openssl-1.1.1l-1.fc34
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...
Code injection
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 201095...
Code injection
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 201100...
CVE-2021-29723
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 201100...
CVE-2021-29722
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 201095...
Security Bulletin: Multiple Vulnerabilities Affect IBM Secure External Authentication Server
Summary: There are multiple vulnerabilities in IBM Secure External Authentication Server. IBM Secure External Authentication Server has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2021-29722. DESCRIPTION: IBM Sterling Secure Proxy uses weaker than expected cryptographic algorith...
Security Bulletin: Multiple Vulnerabilities Affect IBM Secure Proxy
Summary: There are multiple vulnerabilities in IBM Secure Proxy. IBM Secure Proxy has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2021-29723. DESCRIPTION: IBM Sterling Secure Proxy uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly...
openssl buffer overflow vulnerability (CNVD-2021-71263)
OpenSSL is an open source general-purpose cryptographic library from the OpenSSL team, capable of implementing the Secure Sockets Layer (SSLv2/v3) and Transport Layer Security (TLSv1) protocols. The product supports a variety of encryption algorithms, including symmetric ciphers, hashing algorithms,...
GHSA-4X25-PVHW-5224 Algorithms compute incorrect results in blake2
An issue was discovered in the blake2 crate before 0.8.1 for Rust. The BLAKE2b and BLAKE2s algorithms, when used with HMAC, produce incorrect results because the block sizes are half of the required sizes...
CVE-2021-29704
IBM Security SOAR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...
Information disclosure
IBM Security SOAR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...
CVE-2021-29704
CVE-2021-29704 affects IBM Security SOAR (Resilient) on-premises, stemming from use of weaker-than-expected cryptographic algorithms that could lead to information disclosure. The IBM Security SOAR/Resilient DR system allows TLS 1.0 connections, enabling potential decryption of highly sensitive i...
Security Bulletin: IBM Resilient Disaster Recovery (DR) system allows connections over TLS 1.0 (CVE-2021-29704)
Summary: IBM Resilient Disaster Recovery (DR) system allows connections over TLS 1.0. Vulnerability Details: CVEID: CVE-2021-29704. DESCRIPTION: IBM Security SOAR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. CVSS Base score: 5....