PT-2024-39022 · Planet Technology · Planet Technology Switch

Name of the Vulnerable Software and Affected Versions: PLANET Technology switch models affected versions not specified Description: The issue concerns the use of obsolete algorithms for authentication and encryption protocols in the SNMPv3 service, potentially allowing attackers to obtain plainte...

The vulnerability in the `FillColorRow8` function of the `utils.cpp` component in the OpenCV library, which is used for computer vision, image processing, and numerical algorithms of general purpose, open-source nature, allows a perpetrator to access confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the FillColorRow8 function in the utils.cpp component of the OpenCV library, which is used for computer vision, image processing, and general numerical algorithms, is related to buffer overflows. Exploiting this vulnerability could allow an attacker to gain access to...

The vulnerability in the implementation of the SSH server of the Cisco Catalyst Center (formerly Cisco DNA Center) allows a attacker to execute a spoofing attack.

The vulnerability of the SSH-server implementation in the Cisco Catalyst Center formerly Cisco DNA Center network infrastructure management system is related to the use of cryptographic algorithms for encryption with a hard-programmed key. Exploiting this vulnerability could allow a malicious act...

[SECURITY] Fedora 39 Update: openssl-3.1.4-4.fc39

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...

[SECURITY] Fedora 41 Update: openssl-3.2.2-7.fc41

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...

“Simply staggering” surveillance conducted by social media and streaming services, FTC finds

The US Federal Trade Commission FTC released a report that examines the data collection and use practices of major social media and video streaming services, finding that—and this will not come as a surprise to our regular readers—the companies engaged in vast surveillance of consumers in order t...

The vulnerability of the PowerScale OneFS operating system, related to the use of cryptographic algorithms containing defects, allows a perpetrator to disclose protected information.

The vulnerability of the PowerScale OneFS operating system is related to the use of cryptographic algorithms that contain defects. Exploiting this vulnerability allows a malicious actor to disclose the protected information...

Microsoft Is Adding New Cryptography Algorithms

Microsoft is updating SymCrypt, its core cryptographic library, with new quantum-secure algorithms. Microsofts details are here. From a news article: The first new algorithm Microsoft added to SymCrypt is called ML-KEM. Previously known as CRYSTALS-Kyber, ML-KEM is one of three post-quantum...

Dell InsightIQ Encryption Problem Vulnerability (CNVD-2024-38774)

Dell InsightIQ is a performance monitoring and reporting tool from Dell USA. Dell InsightIQ suffers from a cryptographic issue vulnerability that arises from the use of corrupt or risky encryption algorithms. An unauthenticated remote access attacker could exploit the vulnerability to cause...

IBM Maximo Application Suite Encryption Issue Vulnerability

IBM Maximo Application Suite is a single platform for intelligent asset management, monitoring, maintenance, computer vision, security and reliability from International Business Machines IBM. An encryption issue vulnerability exists in IBM Maximo Application Suite versions 8.10, 8.11, and 9.0,...

CVE-2024-37068

IBM Maximo Application Suite - Manage Component 8.10, 8.11, and 9.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information using man in the middle techniques...

CVE-2024-37068

IBM Maximo Application Suite - Manage Component 8.10, 8.11, and 9.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information using man in the middle techniques...

CVE-2024-37068

CVE-2024-37068 affects IBM Maximo Application Suite – Manage Component (MAS) versions 8.10, 8.11, and 9.0. The root cause is the use of weaker-than-expected cryptographic algorithms, enabling potential decryption of highly sensitive information via man-in-the-middle techniques. Impact is informat...

CVE-2024-37068 IBM Maximo Application Suite information disclosure

IBM Maximo Application Suite - Manage Component 8.10, 8.11, and 9.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information using man in the middle techniques...

Security Bulletin: There is a vulnerability in Manage Componenet used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2024-37068)

Summary There is a vulnerability in Manage Componenet used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2024-37068 DESCRIPTION: IBM Maximo Application Suite - Manage Component uses weaker than expected cryptographic algorithms that could allow ...

PT-2025-11274 · Ibm · Ibm Security Qradar Edr

Name of the Vulnerable Software and Affected Versions: IBM Security QRadar version 3.12 EDR Description: The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt sensitive credential information. Recommendations: For IBM Security...

CVE-2024-37305

A flaw was found in oqs-provider, which is an OpenSSL 3 provider that contains post-quantum algorithms. The issue occurs from the way oqs-provider handles lengths decoded with DECODEUINT32 at the start of serialized hybrid traditional + post-quantum keys and signatures. As a result, malformed inp...

Security Bulletin: Security Vulnerabilities discovered in IBM Security Verify Directory (CVE-2022-32753, CVE-2022-32756, CVE-2022-32754)

Summary Security Vulnerabilities discovered in Web Admin Tool provided by IBM Security Verify Directory products have been resolved. Vulnerability Details CVEID:CVE-2022-32753 DESCRIPTION: IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that could allow an...

CVE-2024-39745

IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

CVE-2024-39745 IBM Sterling Connect:Direct Web Services information disclosure

IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...