Nationwide Facial Recognition Ban Proposed By Lawmakers

Lawmakers have proposed legislation that would indefinitely ban the use of facial recognition technology by law enforcement nationwide. The new bill comes after months of public concerns surrounding facial recognition’s implications for data privacy, government surveillance and racial bias. The...

The vulnerability of the SSL_check_chain function in the TLS protocol implementation of the OpenSSL library involves the possibility of reassigning the null pointer due to incorrect processing of the “signature_algorithms_cert” extension in TLS. This allows a perpetrator to cause a service failure.

The vulnerability of the SSLcheckchain function in the TLS protocol implementation of the OpenSSL library is related to the possibility of replacing the zero pointer due to incorrect processing of the “signaturealgorithmscert” extension in TLS. Exploiting this vulnerability can allow a malicious...

Schneider Electric Easergy T300 Encryption Issue Vulnerability

The Schneider Electric Easergy T300 is a remote terminal unit for the power industry from Schneider Electric, France. A cryptographic vulnerability exists in the Schneider Electric Easergy T300 using firmware version 1.5.2 and earlier, which stems from the program's use of weak cryptographic...

EulerOS 2.0 SP2 : openssl (EulerOS-SA-2020-1625)

According to the version of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected...

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2020-1625)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-4191

IBM Security Guardium 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 174852...

Code injection

IBM Security Guardium 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 174852...

CVE-2020-4191

The CVE-2020-4191 issue affects IBM Security Guardium (notably version 11.1 per the primary entry) and is caused by the use of weaker cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. The IBM advisory confirms Guardium exposure across multiple releases...

Code injection

IBM Planning Analytics Local 2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 179001...

CVE-2020-4367

IBM Planning Analytics Local 2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 179001...

MemoryMapper - Lightweight Library Which Allows The Ability To Map Both Native And Managed Assemblies Into Memory

Memory Mapper is a lightweight library which allows the ability to map both native and managed assemblies into memory by either using process injection of a process specified by the user or self-injection; the technique of injecting an assembly into the currently running process attempting to do...

CVE-2020-4350

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 178424...

Code injection

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 178424...

Code injection

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 179158...

CVE-2020-4379

CVE-2020-4379 affects IBM Spectrum Scale 5.0.0.0 through 5.0.4.4, where weaker cryptographic algorithms could allow decryption of highly sensitive information. IBM’s bulletins show affected products and versions (Spectrum Scale GUI and ESS GUI) and outline remediation paths: upgrade to Spectrum S...

CVE-2020-4379

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 179158...

CVE-2020-4350

CVE-2020-4350 affects IBM Spectrum Scale (and related IBM ESS/GUIs) versions 5.0.0.0 through 5.0.4.4, where weaker cryptographic algorithms could allow decryption of highly sensitive data. Connected IBM advisories specify the affected products and versions, with remediations: IBM Spectrum Scale G...

CVE-2020-4350

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 178424...

Security Bulletin: IBM Spectrum Scale GUI is affected by weak crypto algorithm (CVE-2020-4379)

Summary A security vulnerability has been identified in all levels of IBM Spectrum Scale GUI. A fix for this vulnerability is available. Vulnerability Details CVEID: CVE-2020-4379 DESCRIPTION: IBM Spectrum Scale uses weaker than expected cryptographic algorithms that could allow an attacker to...

The vulnerability of the `send_client_hello` function in `handshake.c` of the GnuTLS cryptographic library is related to deficiencies in the cryptographic algorithms used. This vulnerability allows an attacker to gain unauthorized access to confidential data or compromise the integrity of the data.

The vulnerability of the sendclienthello function in the handshake.c file of the GnuTLS cryptographic library is related to deficiencies in the cryptographic algorithms used. Exploiting this vulnerability could allow an attacker to gain unauthorized access to confidential data or compromise the...