CVE-2019-1551

CVE-2019-1551 refers to an overflow bug in the x64_64 Montgomery squaring procedure used in OpenSSL during exponentiation with 512-bit moduli. OpenSSL notes no impact to EC, while DH512 attacks are only just feasible under certain conditions. Public disclosures and advisories confirm the issue an...

CVE-2019-1551

There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are...

RSA-240 Factored

This just in: We are pleased to announce the factorization of RSA-240, from RSA's challenge list, and the computation of a discrete logarithm of the same size 795 bits: RSA-240 = 12462036678171878406583504460810659043482037465167880575481878888328...

Moderate: Red Hat Security Advisory: gnutls security, bug fix, and enhancement update

An update for gnutls is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVE-2019-4339

IBM Security Guardium Big Data Intelligence SonarG 4.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 161418...

CVE-2019-4339

IBM Security Guardium Big Data Intelligence SonarG 4.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 161418...

Cryptovenom - The Cryptography Swiss Army Knife

CryptoVenom: The Cryptography Swiss Army knife What is CryptoVenom? CryptoVenom is an OpenSource tool which contains a lot of cryptosystems and cryptoanalysis methods all in one, including classical algorithms, hash algorithms, encoding algorithms, logic gates, mathematical functions, modern...

PT-2019-17041 · Ibm · Ibm Security Guardium Big Data Intelligence

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium Big Data Intelligence SonarG version 4.0 Description: The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information...

CVE-2019-4399

IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 162260...

CVE-2019-4399

IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 162260...

IBM Security Guardium Big Data Intelligence Encryption Issue Vulnerability

IBM Security Guardium Big Data Intelligence SonarG is a suite of big data security intelligence solutions from IBM, USA. The solution features interactive data exploration, automated connectivity analysis, and user activity analysis. An encryption issue vulnerability exists in IBM Security Guardi...

Security Bulletin: IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise Edition is affected by ASoC vulnerability (CVE-2019-4399)

Summary IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise has addressed the ASoC vulnerability. Vulnerability Details CVEID: CVE-2019-4399 DESCRIPTION: IBM Cloud Orchestrator uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive...

Security Bulletin: Multiple vulnerabilities in IBM HTTP Server affects Netezza Performance Portal

Summary IBM HTTP Server is used by IBM Netezza Performance Portal. IBM Netezza Performance Portal has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-0702 DESCRIPTION: OpenSSL could allow a local attacker to obtain sensitive information, caused by a side-channel attack agains...

Security Bulletin: Security vulnerabilities have been identified in IBM DB2 shipped with IBM License Metric Tool v9.

Summary IBM DB2 is shipped with IBM License Metric Tool. Information about a security vulnerabilities affecting IBM DB2 has been published in a security bulletin. Vulnerability Details CVEID: CVE-2019-4322 DESCRIPTION: IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server is vulnerable ...

CVE-2016-7055

There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is...

Fedora Update for openssl FEDORA-2019-d51641f152

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security Bulletin: IBM Security Key Lifecycle Manager uses weaker than expected cryptographic algorithms (CVE-2019-4516)

Summary IBM Security Key Lifecycle Manager uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. Vulnerability Details CVEID: CVE-2018-1751 DESCRIPTION: IBM Tivoli Key Lifecycle Manager uses weaker than expected cryptographic...

[SECURITY] Fedora 29 Update: openssl-1.1.1d-1.fc29

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...

[SECURITY] Fedora 30 Update: openssl-1.1.1d-1.fc30

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...

[SECURITY] Fedora 31 Update: openssl-1.1.1d-1.fc31

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...