2223 matches found

OSV
added 2024/01/12 7:56 p.m. · 32 views

RLSA-2024:0155 Moderate: gnutls security update

The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: timing side-channel in the RSA-PSK authentication (CVE-2023-5981). For more details about the security issues,...

CVSS 5.9 · AI score 7.1 · EPSS 0.00844
Exploits 0 · References 2

RedHat Linux
added 2024/01/10 5:14 p.m. · 36 views

Moderate: Red Hat Security Advisory: gnutls security update

An update for gnutls is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS 5.9 · AI score 6.7 · EPSS 0.00844
Exploits 0 · References 2

AlmaLinux
added 2024/01/10 12:0 a.m. · 57 views

Moderate: gnutls security update

The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: timing side-channel in the RSA-PSK authentication (CVE-2023-5981). For more details about the security issues,...

CVSS 5.9 · AI score 7.3 · EPSS 0.00844
Exploits 0 · References 4

OSV
added 2024/01/10 12:0 a.m. · 40 views

ALSA-2024:0155 Moderate: gnutls security update

The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: timing side-channel in the RSA-PSK authentication (CVE-2023-5981). For more details about the security issues,...

CVSS 5.9 · AI score 7.1 · EPSS 0.00844
Exploits 0 · References 4

Positive Technologies
added 2024/01/09 12:0 a.m. · 10 views

PT-2024-10238 · Ibm · Ibm Devops Velocity +1

Name of the Vulnerable Software and Affected Versions: IBM DevOps Velocity version 5.0.0; IBM UrbanCode Velocity versions 4.0.0 through 4.0.25. Description: The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive...

CVSS 7.5 · AI score 7 · EPSS 0.00024
Exploits 0 · References 11

Wallarm Lab
added 2024/01/08 1:0 p.m. · 18 views

Mastercard Cybersecurity

Safeguarding Trade: Discovering the World of Mastercard Digital Guardrails. In our tech-driven era, it is vitally important that financial dealings are shielded competently. A colossal number of exchanges are happening each day, proving the ever-growing necessity of sturdy digital protective measure...

AI score 7.5
Exploits 0

OSV
added 2024/01/08 8:36 a.m. · 7 views

SUSE-SU-2024:0057-1 Security update for eclipse-jgit, jsch

This update for eclipse-jgit, jsch fixes the following issues. Security fix: CVE-2023-4759: Fixed an arbitrary file overwrite which might have occurred with a specially crafted git repository and a case-insensitive filesystem (bsc1215298). Other fixes: jsch was updated to version 0.2.9: - Added...

CVSS 8.8 · AI score 8.7 · EPSS 0.01001
Exploits 0 · References 5

Schneier on Security
added 2024/01/05 12:7 p.m. · 16 views

Improving Shor’s Algorithm

We don't have a useful quantum computer yet, but we do have quantum algorithms. Shor's algorithm has the potential to factor large numbers faster than otherwise possible, which--if the run times are actually feasible--could break both the RSA and Diffie-Hellman public-key algorithms. Now, computer...

AI score 7.2
Exploits 0

Veracode
added 2023/12/22 5:25 a.m. · 18 views

Weak Cryptography

blinksocks is vulnerable to Sensitive Information Disclosure. The vulnerability is due to the usage of weak encryption algorithms and fixed initialization vectors (IV) within /presets/ssr-auth-chain.js. This issue can be exploited by an attacker to disclose sensitive encrypted information via brute...

CVSS 7.5 · AI score 6.2 · EPSS 0.00105
Exploits 0 · References 2 · Affected Software 1

Github Security Blog
added 2023/12/21 12:30 p.m. · 25 views

bsock uses weak hashing algorithms

An issue was discovered in the bsock component of bcoin-org bcoin that allows remote attackers to obtain sensitive information via weak hashing algorithms in the component \vendor\faye-websocket.js...

CVSS 9.1 · AI score 6.7 · EPSS 0.00176
Exploits 1 · References 6 · Affected Software 1

OSV
added 2023/12/21 12:15 p.m. · 2 views

CVE-2023-5594

Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted...

CVSS 8.6 · AI score 5.8 · EPSS 0.00102
Exploits 0 · References 1

OSV
added 2023/12/21 11:15 a.m. · 10 views

CVE-2023-50481

An issue was discovered in blinksocks version 3.3.8 that allows remote attackers to obtain sensitive information via weak encryption algorithms in the component /presets/ssr-auth-chain.js...

CVSS 7.5 · AI score 7.3 · EPSS 0.00105
Exploits 0 · References 2

Prion
added 2023/12/21 11:15 a.m. · 16 views

Information disclosure

An issue was discovered in bcoin-org bcoin version 2.2.0 that allows remote attackers to obtain sensitive information via weak hashing algorithms in the component \vendor\faye-websocket.js...

CVSS 6.4 · AI score 6.7 · EPSS 0.00176
Exploits 1 · References 2 · Affected Software 1

CVE
added 2023/12/21 12:0 a.m. · 54 views

CVE-2023-50475

CVE-2023-50475 affects bcoin-org/bcoin v2.2.0 in the bsock component, via the vendor\faye-websocket.js allowing remote attackers to disclose sensitive information by using weak hashing algorithms (e.g., MD5/SHA1). The Red Hat/Veracode/OSV reports corroborate a weakness in the websocket hashing us...

CVSS 9.1 · AI score 8.8 · EPSS 0.00176
Exploits 1 · References 2 · Affected Software 1

CVE
added 2023/12/21 12:0 a.m. · 41 views

CVE-2023-50481

CVE-2023-50481 affects blinksocks 3.3.8. The vulnerability is in the component /presets/ssr-auth-chain.js, due to the use of weak encryption algorithms (and fixed IVs) that can disclose sensitive information. Impact is described as sensitive information disclosure; no exploit details are provided...

CVSS 7.5 · AI score 7.2 · EPSS 0.00105
Exploits 0 · References 2 · Affected Software 1

Tenable Nessus
added 2023/12/19 12:0 a.m. · 48 views

Slackware Linux 14.2 / 15.0 / current libssh Multiple Vulnerabilities (SSA:2023-353-01)

The version of libssh installed on the remote host is prior to 0.10.6. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-353-01 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...

CVSS 5.9 · AI score 7.1 · EPSS 0.52998
Exploits 4 · References 4

NVD
added 2023/12/18 12:15 p.m. · 12 views

CVE-2023-28053

Dell NetWorker Virtual Edition versions 19.8 and below contain the use of deprecated cryptographic algorithms in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to some information disclosure...

CVSS 5.3 · EPSS 0.00097
Exploits 0 · References 1

Cvelist
added 2023/12/18 11:30 a.m. · 15 views

CVE-2023-28053

Dell NetWorker Virtual Edition versions 19.8 and below contain the use of deprecated cryptographic algorithms in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to some information disclosure...

CVSS 5.3 · AI score 5.5 · EPSS 0.00097
Exploits 0 · References 1

Positive Technologies
added 2023/12/18 12:0 a.m. · 1 views

PT-2023-21517 · Dell · Dell Networker Virtual Edition

Name of the Vulnerable Software and Affected Versions: Dell NetWorker Virtual Edition versions 19.8 and below. Description: The issue concerns the use of deprecated cryptographic algorithms in the SSH component, which could be exploited by a remote unauthenticated attacker, potentially leading to...

CVSS 5.3 · AI score 5.2 · EPSS 0.00097
Exploits 0 · References 4

AlpineLinux
added 2023/12/18 12:0 a.m. · 78 views

CVE-2023-48795

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted from the extension negotiation message, and a client and server may consequently end up with a connecti...

CVSS 5.9 · AI score 7.1 · EPSS 0.52998
Exploits 4