Null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: erofs: fix inconsistent per-file compression format EROFS can select compression algorithms on a per-file basis, and each per-file compression algorithm needs to be marked in the on-disk superblock for initialization. However,...

CVE-2024-26590 erofs: fix inconsistent per-file compression format

In the Linux kernel, the following vulnerability has been resolved: erofs: fix inconsistent per-file compression format EROFS can select compression algorithms on a per-file basis, and each per-file compression algorithm needs to be marked in the on-disk superblock for initialization. However,...

PT-2024-10390 · Ibm · Ibm Mq Operator +1

Name of the Vulnerable Software and Affected Versions: IBM MQ Container versions 2.0.0 through 2.0.22, 2.2.0 through 2.2.2, 2.3.0 through 2.3.3, 2.4.0 through 2.4.8, 3.0.0, 3.0.1, 3.1.0 through 3.1.3 Description: The issue is related to the use of weaker than expected cryptographic algorithms in...

Improving the Cryptanalysis of Lattice-Based Public-Key Algorithms

The winner of the Best Paper Award at Crypto this year was a significant improvement to lattice-based cryptanalysis. This is important, because a bunch of NISTs post-quantum options base their security on lattice problems. I worry about standardizing on post-quantum algorithms too quickly. We are...

Moderate: Red Hat Security Advisory: gnutls security update

An update for gnutls is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

RLSA-2024:0627 Moderate: gnutls security update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: incomplete fix for CVE-2023-5981 CVE-2024-0553 For more details about the security issues, including the impact,...

Code injection

IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229440...

CVE-2022-34309 IBM CICS TX information disclosure

IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229440...

CVE-2022-34309

CVE-2022-34309 affects IBM CICS TX Standard and Advanced 11.1. The vulnerability arises from the use of weaker-than-expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information. IBM’s advisories indicate that IBM CICS TX Standard and IBM CICS TX Advance...

CVE-2022-34310 IBM CICS TX information disclosure

IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229441...

CVE-2022-34310 IBM CICS TX information disclosure

IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229441...

CVE-2022-34310

The CVE-2022-34310 issue affects IBM CICS TX Standard and Advanced 11.1, where weaker-than-expected cryptographic algorithms could allow an attacker to decrypt highly sensitive information. Public documents confirm affected products and versions (IBM CICS TX Standard and IBM CICS TX Advanced, 11....

CVE-2024-22361

CVE-2024-22361 affects IBM Semeru Runtime (8.0.302.0–8.0.392.0, 11.0.12.0–11.0.21.0, 17.0.1.0–17.0.9.0, 21.0.1.0) and is described as using weaker cryptographic algorithms that could allow decryption of highly sensitive information. The provided connected documents confirm the affected runtimes a...

PT-2024-19363 · Ibm · Ibm Semeru Runtime

Name of the Vulnerable Software and Affected Versions: IBM Semeru Runtime versions 8.0.302.0 through 8.0.392.0 IBM Semeru Runtime versions 11.0.12.0 through 11.0.21.0 IBM Semeru Runtime versions 17.0.1.0 through 17.0.9.0 IBM Semeru Runtime version 21.0.1.0 Description: The issue is related to the...

IBM Semeru Runtime Encryption Issue Vulnerability

IBM Semeru Runtime is a Java Runtime Environment JRE from International Business Machines IBM. IBM Semeru Runtime suffers from a cryptographic issue vulnerability that stems from the use of weaker-than-expected encryption algorithms that could allow an attacker to decrypt highly sensitive...

Security Bulletin: Multiple vulnerabilities affect IBM® Semeru Runtime

Summary This bulletin covers all applicable Java SE CVEs published by OpenJDK as part of their January 2024 Vulnerability Advisory, plus CVE-2024-22361. For more information please refer to OpenJDK's January 2024 Vulnerability Advisory and the X-Force database entries referenced below...

Dell BSAFE Unmaintained Third Party Component Vulnerability

Dell BSAFE is a security software product from Dell, Inc. that supports cryptographic algorithms, certificate chain validation, and Transport Layer Security TLS encryption suites, among other things, to help users achieve a variety of security goals for their applications. An unmaintained...

Code injection

IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 275117...

CVE-2023-50939

IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 275129...

Code injection

IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 275129...