CVE-2019-4553

IBM API Connect V5.0.0.0 through 5.0.8.7iFix3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 165958...

CVE-2019-4553

CVE-2019-4553 affects IBM API Connect V5.0.0.0–5.0.8.7iFix3. The issue stems from the use of weaker-than-expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. Affected product versions include API Connect V5.0.0.0 through 5.0.8.7iFix3. Remediation...

CVE-2019-4553

IBM API Connect V5.0.0.0 through 5.0.8.7iFix3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 165958...

CVE-2019-19324

Xmidt cjwt through 1.0.1 before 2019-11-25 maps unsupported algorithms to alg=none, which sometimes leads to untrusted accidental JWT acceptance...

CVE-2019-19324

Xmidt cjwt through 1.0.1 before 2019-11-25 maps unsupported algorithms to alg=none, which sometimes leads to untrusted accidental JWT acceptance...

Security Bulletin: IBM® Db2® does not explicitly forbid a weaker than expected 3DES cipher when configured to use SSL (CVE-2019-4102).

Summary TLS 1.2 allows the use of 3DES, which has some known weaknesses, among other supported ciphers. Db2 does not forbid the use of 3DES when configured to use TLS 1.2 protocol. Although Db2 does not choose the cipher out of all available ciphers, the weaker ciphers should be explicitly...

Security Bulletin: IBM QRadar Advisor With Watson App for IBM QRadar SIEM uses weaker than expected cryptographic algorithms (CVE-2019-4557)

Summary IBM QRadar Advisor With Watson App for IBM QRadar SIEM uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information stored in the app Vulnerability Details CVEID: CVE-2019-4557 DESCRIPTION: IBM QRadar Advisor uses weaker than...

CVE-2019-4557

IBM Qradar Advisor 1.1 through 2.5 with Watson uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 166206...

Code injection

IBM Qradar Advisor 1.1 through 2.5 with Watson uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 166206...

CVE-2019-4557

IBM Qradar Advisor 1.1 through 2.5 with Watson uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 166206...

Hashcracker - Python Hash Cracker

Supportedhashing algorithms: SHA512, SHA256, SHA384, SHA1, MD5 Features: auto detection of hashing algorithm based on length not recommended, bruteforce, password list Arguments: type: hash algorithm must be one of the supported hashing algorithms mentioned above or AUTO if you want to use...

Security Bulletin: Information Disclosure Security Vulnerability Affects IBM Sterling File Gateway (CVE-2018-1470, CVE-2017-1544, CVE-2017-1575)

Summary Information disclosure security vulnerability affects IBM Sterling Filegateway. Vulnerability Details CVEID: CVE-2018-1470 DESCRIPTION: IBM Sterling File Gateway could allow a remote authenticated attacker to obtain sensitive information displayed in the URL that could lead to further...

CVE-2019-4540

IBM Security Directory Server 6.4.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 165813...

Code injection

IBM Security Directory Server 6.4.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 165813...

CVE-2019-4540

IBM Security Directory Server 6.4.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 165813...

PCFG Cracker - Probabilistic Context Free Grammar (PCFG) Password Guess Generator

PCFG = Probabilistic Context Free Grammar PCFG = Pretty Cool Fuzzy Guesser In short: A collection of tools to perform research into how humans generate passwords. These can be used to crack password hashes, but also create synthetic passwords honeywords, or help develop better password strength...

Trolls-For-Hire Pave Way For Sophisticated Social Media Hacks

NEW ORLEANS – Researchers have observed the blossoming of a new type of social media nuisance they are calling Trolling-as-a-Service. They say these rabble-rousing efforts have emerged as a clever new way for hackers to launch coordinated and dangerous attacks via Facebook and Twitter. Speaking a...

Code injection

IBM Security Secret Server 10.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 170045...

CVE-2019-4639

CVE-2019-4639 affects IBM Security Secret Server. Multiple sources confirm that 10.7 uses weaker-than-expected cryptographic algorithms, potentially allowing an attacker to decrypt highly sensitive information. IBM’s security bulletin states the issue has been addressed in release 10.7.000059, wi...

DEBIAN-CVE-2015-0294

GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate...