Lucene search
+L

306 matches found

Tenable Nessus
Tenable Nessus
added 2015/03/24 12:0 a.m.58 views

RHEL 6 : openssl (RHSA-2015:0715)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:0715 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols, as well as a...

7.5CVSS7.8AI score0.44503EPSS
Exploits2References21
Fedora
Fedora
added 2015/03/18 10:23 a.m.40 views

[SECURITY] Fedora 21 Update: libgcrypt-1.6.3-1.fc21

Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...

5.9CVSS2.5AI score0.01952EPSS
Exploits0
Fedora
Fedora
added 2015/03/13 5:2 p.m.35 views

[SECURITY] Fedora 22 Update: libgcrypt-1.6.3-1.fc22

Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...

5.9CVSS2.5AI score0.01952EPSS
Exploits0
ThreatPost
ThreatPost
added 2014/12/17 1:57 p.m.12 views

Google Releases End-To-End Chrome Extension to Open Source

Google yesterday announced that it has released the source code for its End-to-End extension for Chrome to open source via GitHub. End-to-End enables Gmail users to encrypt, sign and verify email messages within the Chrome browser, using OpenPGP. “We’ve always believed strongly that End-To-End mu...

7.2AI score
Exploits0References3
Ubuntu
Ubuntu
added 2014/09/03 5:36 p.m.55 views

USN-2339-2: Libgcrypt vulnerability

Daniel Genkin, Adi Shamir, and Eran Tromer discovered that Libgcrypt was susceptible to an adaptive chosen ciphertext attack via physical side channels. A local attacker could use this attack to possibly recover private keys...

2.1CVSS6.5AI score0.00531EPSS
Exploits0
ThreatPost
ThreatPost
added 2014/07/15 3:48 p.m.13 views

Early Review of LibreSSL Finds Problematic PRNG

When the OpenBSD foundation sent LibreSSL out the door last weekend, it was with the full intention of getting some feedback and scrutiny in return, all in the name of making the crypto library stable and secure. What they likely didn’t expect were claims surfacing that LibreSSL shared some of th...

7.4AI score
Exploits0References3
Fedora
Fedora
added 2014/05/21 2:31 a.m.14 views

[SECURITY] Fedora 19 Update: botan-1.8.14-3.fc19

Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \10 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API...

1.8AI score
Exploits0
ThreatPost
ThreatPost
added 2014/03/10 11:24 a.m.11 views

GnuTLS Bug Exposes Shortcomings in TLS Test Suites

Code audits are often ugly tasks and can sometimes find ugly things. Case in point: the GnuTLS goto bug. Chief architect and Red Hat engineer Nikos Mavrogiannopoulos initiated a code audit of the open source crypto library that eventually turned up last week’s critical bug. The bad code has been...

7.3AI score
Exploits0References4
Debian
Debian
added 2014/02/10 3:41 p.m.46 views

[SECURITY] [DSA 2858-1] iceweasel security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2858-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 10, 2014 http://www.debian.org/security/faq -...

10CVSS9.4AI score0.07072EPSS
Exploits9
OpenVAS
OpenVAS
added 2014/02/10 12:0 a.m.46 views

Debian Security Advisory DSA 2858-1 (iceweasel - several vulnerabilities)

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, too-verbose error messages and missing permission checks may lead to the execution of arbitrary code, the bypass of security checks or...

10CVSS0.07072EPSS
Exploits9References1
OSV
OSV
added 2014/02/10 12:0 a.m.30 views

DSA-2858-1 iceweasel - several

Bulletin has no description...

10CVSS8.6AI score0.07072EPSS
Exploits9
OpenVAS
OpenVAS
added 2014/02/09 12:0 a.m.43 views

Debian: Security Advisory (DSA-2858-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.1AI score0.07072EPSS
Exploits9References3
ThreatPost
ThreatPost
added 2014/02/04 12:25 p.m.12 views

Facebook Conceal Java Crypto LIbrary Open Sourced

Facebook has released to open source its Conceal Java crypto libraries for Android devices. Conceal, according to Facebook, offers developers a lightweight and efficient crypto library. The social media giant developed Conceal to handle encryption of storage on removable SD cards, something that...

0.5AI score
Exploits0References2
ThreatPost
ThreatPost
added 2013/12/23 10:29 a.m.22 views

RSA Denies NSA Backdoor Payment Allegations, But Questions Linger

The accumulation of hundreds of leaked documents and formerly secret operational methods used by the NSA in the last six months has led to a bit of a numbing effect, with some new leaks being met with a shrug of indifference. But the latest and most explosive entry in that ledger–the report that...

7.2AI score
Exploits0References5
Fedora
Fedora
added 2013/08/02 3:22 a.m.29 views

[SECURITY] Fedora 19 Update: libgcrypt-1.5.3-1.fc19

Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...

1.9CVSS2.5AI score0.00533EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/05/28 12:0 a.m.34 views

Mandriva Linux Security Advisory : openvpn (MDVSA-2013:167)

Updated openvpn package fixes security vulnerability : OpenVPN 2.3.0 and earlier running in UDP mode are subject to chosen ciphertext injection due to a non-constant-time HMAC comparison function. Plaintext recovery may be possible using a padding oracle attack on the CBC mode cipher implementati...

2.6CVSS5.5AI score0.02813EPSS
Exploits1References1
PyPA
PyPA
added 2012/06/17 3:41 a.m.7 views

PYSEC-2012-16

PyCrypto before 2.6 does not produce appropriate prime numbers when using an ElGamal scheme to generate a key, which reduces the signature space or public key space and makes it easier for attackers to conduct brute force attacks to obtain the private key...

4.3CVSS6.7AI score0.02727EPSS
Exploits2References15Affected Software1
UbuntuCve
UbuntuCve
added 2011/05/31 8:55 p.m.33 views

CVE-2011-0766

The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used in the Erlang/OTP ssh library before R14B03, uses predictable seeds based on the current time, which makes it easier for remote attackers to guess DSA host and SSH session keys...

7.8CVSS5.9AI score0.03046EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2010/09/01 12:0 a.m.18 views

Vulnerability In Crypto Library - Cisco Systems

"A vulnerability has been discovered in a third-party cryptographic library that is used by a number of Cisco products. This vulnerability may be triggered when a malformed Abstract Syntax Notation One ASN.1 object is parsed. Due to the nature of the vulnerability it may be possible, in some case...

5CVSS5.4AI score0.04445EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2010/06/01 12:0 a.m.49 views

VMSA-2010-0009 : ESXi ntp and ESX Service Console third-party updates

a. Service Console update for COS kernel Updated COS package 'kernel' addresses the security issues that are fixed through versions 2.6.18-164.11.1. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2009-2695, CVE-2009-2908, CVE-2009-3228, CVE-2009-3286,...

10CVSS7.4AI score0.80134EPSS
Exploits61References44
Rows per page
Query Builder