
2230 matches found

Broadcom
added 2021/05/10 12:0 a.m., 7 views

BSA-2020-948

Security Advisory ID : BSA-2020-948 Component : OpenSSL Revision : 1.0 Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extensio...

CVSS 7.5, AI score 6.8, EPSS 0.60769
Exploits: 2
OpenVAS
added 2021/05/01 12:0 a.m., 23 views

CentOS: Security Advisory for java-11-openjdk (CESA-2021:1297)

The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 5.3, AI score 6.4, EPSS 0.00081
Exploits: 0, References: 2
The Hacker News
added 2021/04/29 9:2 a.m., 54 views

Researchers Uncover Stealthy Linux Malware That Went Undetected for 3 Years

A previously undocumented Linux malware with backdoor capabilities has managed to stay under the radar for about three years, allowing the threat actor behind the operation to harvest and exfiltrate sensitive information from infected systems. Dubbed "RotaJakiro" by researchers from Qihoo 360...

AI score 0.7
Exploits: 0
RedHat Linux
added 2021/04/28 12:35 p.m., 2 views

OpenJDK: Incomplete enforcement of JAR signing disabled algorithms (Libraries, 8249906)

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.3.1.2 and 21.0.0.2...

CVSS 5.3, AI score 6.9, EPSS 0.00081
Exploits: 0, References: 4
RedHat Linux
added 2021/04/28 12:34 p.m., 2 views

OpenJDK: Incomplete enforcement of JAR signing disabled algorithms (Libraries, 8249906)

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.3.1.2 and 21.0.0.2...

CVSS 5.3, AI score 6.9, EPSS 0.00081
Exploits: 0, References: 4
RedHat Linux
added 2021/04/28 12:34 p.m., 2 views

OpenJDK: Incomplete enforcement of JAR signing disabled algorithms (Libraries, 8249906)

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.3.1.2 and 21.0.0.2...

CVSS 5.3, AI score 6.9, EPSS 0.00081
Exploits: 0, References: 4
RedHat Linux
added 2021/04/28 12:33 p.m., 2 views

OpenJDK: Incomplete enforcement of JAR signing disabled algorithms (Libraries, 8249906)

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.3.1.2 and 21.0.0.2...

CVSS 5.3, AI score 6.9, EPSS 0.00081
Exploits: 0, References: 4
NVD
added 2021/04/26 5:15 p.m., 9 views

CVE-2021-29694

IBM Spectrum Protect Plus 10.1.0 through 10.1.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 200258...

CVSS 7.5, EPSS 0.00112
Exploits: 0, References: 2
CVE
added 2021/04/26 4:30 p.m., 40 views

CVE-2021-29694

CVE-2021-29694 affects IBM Spectrum Protect Plus versions 10.1.0–10.1.7, where weaker cryptographic algorithms (notably 3DES) could allow an attacker to decrypt highly sensitive information. The root cause is use of weaker-than-expected cryptography in the affected release. IBM’s bulletin indicat...

CVSS 7.5, AI score 7.2, EPSS 0.00112
Exploits: 0, References: 2, Affected Software: 1
Fedora
added 2021/04/26 12:27 a.m., 30 views

[SECURITY] Fedora 34 Update: CImg-2.9.7-1.fc34

The CImg Library is an open-source C++ toolkit for image processing. It consists in a single header file 'CImg.h' providing a minimal set of C++ classes and methods that can be used in your own sources, to load/save, process and display images. Very portable, efficient and easy to use, it's a...

CVSS 8.1, AI score 0.9, EPSS 0.00558
Exploits: 1
IBM Security Bulletins
added 2021/04/24 7:18 a.m., 19 views

Security Bulletin: IBM Spectrum Protect Plus allows Weak Cryptographic Algorithms (CVE-2021-29694)

Summary Weak cryptographic algorithms such as 3DES may be used by IBM Spectrum Protect Plus. Vulnerability Details CVEID: CVE-2021-29694 DESCRIPTION: IBM Spectrum Protect Plus uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

CVSS 7.5, AI score 1, EPSS 0.00112
Exploits: 0, Affected Software: 1
RedHat Linux
added 2021/04/21 1:46 p.m., 5 views

OpenJDK: Incomplete enforcement of JAR signing disabled algorithms (Libraries, 8249906)

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.3.1.2 and 21.0.0.2...

CVSS 5.3, AI score 6.9, EPSS 0.00081
Exploits: 0, References: 4
Tenable Nessus
added 2021/04/21 12:0 a.m., 42 views

Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2021-1298)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1298 advisory. 1:1.8.0.292.b10-1 - Add CVE numbers. - Require tzdata 2021a due to JDK-8260356 - Resolves: rhbz1938201 1:1.8.0.292.b10-0 - Update to...

CVSS 5.3, AI score 6.3, EPSS 0.00081
Exploits: 0, References: 2
Tenable Nessus
added 2021/04/21 12:0 a.m., 41 views

Oracle Linux 8 : java-11-openjdk (ELSA-2021-1307)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1307 advisory. 1:11.0.11.0.9-0 - Update to jdk-11.0.11.0+9 - Update release notes to 11.0.11.0+9 - Require tzdata 2020f to match upstream change JDK-8259048 - Require tzdata...

CVSS 5.3, AI score 6.4, EPSS 0.00081
Exploits: 0, References: 2
RedHat Linux
added 2021/04/20 10:26 p.m., 2 views

OpenJDK: Incomplete enforcement of JAR signing disabled algorithms (Libraries, 8249906)

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.3.1.2 and 21.0.0.2...

CVSS 5.3, AI score 6.9, EPSS 0.00081
Exploits: 0, References: 4
RedHat Linux
added 2021/04/20 10:7 p.m., 4 views

OpenJDK: Incomplete enforcement of JAR signing disabled algorithms (Libraries, 8249906)

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.3.1.2 and 21.0.0.2...

CVSS 5.3, AI score 6.9, EPSS 0.00081
Exploits: 0, References: 4
RedHat Linux
added 2021/04/20 10:7 p.m., 100 views

Moderate: Red Hat Security Advisory: java-11-openjdk security update

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...

CVSS 5.3, AI score 6.4, EPSS 0.00081
Exploits: 0, References: 3
RedHat Linux
added 2021/04/20 10:5 p.m., 3 views

OpenJDK: Incomplete enforcement of JAR signing disabled algorithms (Libraries, 8249906)

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.3.1.2 and 21.0.0.2...

CVSS 5.3, AI score 6.9, EPSS 0.00081
Exploits: 0, References: 4
OSV
added 2021/04/20 11:2 a.m., 4 views

OESA-2021-1147 openssl security update

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. Security Fixes: An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation...

CVSS 5.9, AI score 8.3, EPSS 0.09859
Exploits: 3, References: 2
IBM Security Bulletins
added 2021/04/19 9:38 p.m., 20 views

Security Bulletin: Resilient is affected by the use of a risky or outdated cypher (CVE-2017-1657)

Summary Security Bulletin: Resilient is affected by the use of a risky or outdated cypher (CVE-2017-1657) Vulnerability Details Summary Resilient has addressed the vulnerability by using updated cyphers. Vulnerability Details CVEID: CVE-2017-1657 DESCRIPTION: IBM Resilient uses weaker than expected...

AI score 1
Exploits: 0, Affected Software: 1