2222 matches found
ALSA-2025:7076 Moderate: gnutls security update
The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: GnuTLS Impacted by Inefficient DER Decoding in libtasn1 Leading to Remote DoS CVE-2024-12243 For more details...
CVE-2025-1993
IBM App Connect Enterprise Certified Container 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, 12.8, 12.9, and 12.10 DesignerAuthoring instances store their flows in a database that is protected by weaker than expected...
CVE-2025-1993 IBM App Connect Enterprise Certified Container information disclosure
IBM App Connect Enterprise Certified Container 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, 12.8, 12.9, and 12.10 DesignerAuthoring instances store their flows in a database that is protected by weaker than expected...
CVE-2025-1993 IBM App Connect Enterprise Certified Container information disclosure
IBM App Connect Enterprise Certified Container 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, 12.8, 12.9, and 12.10 DesignerAuthoring instances store their flows in a database that is protected by weaker than expected...
PT-2025-20584 · Ibm · Ibm App Connect Enterprise Certified Container
Name of the Vulnerable Software and Affected Versions: IBM App Connect Enterprise Certified Container versions 8.1 through 12.10 Description: The issue concerns the use of weaker than expected cryptographic algorithms to protect the database storing flows in DesignerAuthoring instances. This coul...
On the Price of Differential Privacy for Spectral Clustering over Stochastic Block Models
We investigate privacy-preserving spectral clustering for community detection within stochastic block models SBMs. Specifically, we focus on edge differential privacy DP and propose private algorithms for community recovery. Our work explores the fundamental trade-offs between the privacy budget...
Botan C++ Crypto Algorithms Library 3.8.1
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS 10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to...
Optimal Regret of Bernoulli Bandits under Global Differential Privacy
As sequential learning algorithms are increasingly applied to real life, ensuring data privacy while maintaining their utilities emerges as a timely question. In this context, regret minimisation in stochastic bandits under $ε$-global Differential Privacy DP has been widely studied. Unlike bandit...
Federated Learning for Cyber Physical Systems: a Comprehensive Survey
The integration of machine learning ML in cyber physical systems CPS is a complex task due to the challenges that arise in terms of real-time decision making, safety, reliability, device heterogeneity, and data privacy. There are also open research questions that must be addressed in order to ful...
Configure Proper SSH Key Exchange Algorithms
Key exchange is a process in which two parties exchange keys to allow the use of an encryption algorithm. A secure key exchange algorithm enables them to securely exchange keys, thereby using encryption algorithms to encrypt messages to be sent and decrypt received messages. Set the SSH key...
Botan C++ Crypto Algorithms Library 3.8.0
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS 10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to...
Configure Proper Key Algorithms for User Authentication
If the public and private key authentication mode is used, the public and private key algorithms on the client must be restricted to avoid using insecure algorithms that have been phased out in the industry. The recommended security algorithms are sorted by priority as follows. The algorithms hav...
Configure Proper Cryptographic Algorithms for the SSH Service
As cryptographic technologies develop and computing capabilities improve, some cryptographic algorithms are no longer suitable for today SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
Configure Proper MACs Algorithms for the SSH Service
In cryptography, a message authentication code MAC is an authentication mechanism used by communication entities to check message integrity. If the configured algorithms are insecure, security risks increase because weak algorithms have been or are about to be cracked in the industry. The...
Do Not Configure the Encryption Algorithm Overwriting Policy for the SSH Service
The configuration files of the SSH encryption algorithms are /etc/ssh/sshdconfig and /etc/sysconfig/sshd. When the SSH service is running, you can edit the /etc/sysconfig/sshd file to overwrite the encryption algorithm policy. If the encryption algorithm overwriting policy is configured, users ar...
CVE-2024-55912
IBM Concert Software 1.0.0 through 1.0.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...
CVE-2024-55912
IBM Concert Software 1.0.0 through 1.0.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...
CVE-2024-55912
CVE-2024-55912 affects IBM Concert Software 1.0.0–1.0.5, where the use of weaker-than-expected cryptographic algorithms could permit an attacker to decrypt highly sensitive information. The related sources in connected documents confirm affected versions and a remediation: upgrade to IBM Concert ...
CVE-2024-55912 IBM Concert Software information disclosure
IBM Concert Software 1.0.0 through 1.0.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...
CVE-2024-55912 IBM Concert Software information disclosure
IBM Concert Software 1.0.0 through 1.0.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...