UBUNTU-CVE-2024-26980

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in smb2allocaterspbuf If -ProtocolId is SMB2TRANSFORMPROTONUM, smb2 request size validation could be skipped. if request size is smaller than sizeofstruct smb2queryinforeq, slab-out-of-bounds read ca...

CVE-2023-46294

The CVE-2023-46294 issue affects Teledyne FLIR M300 firmware version 2.00–19. Local passwords are stored encrypted but can be decrypted to plaintext using the umSetup utility, which requires root privileges. The risk is that an attacker with local access could decrypt user account passwords via u...

PT-2024-13348 · Teledyne Flir · Teledyne Flir M300

Name of the Vulnerable Software and Affected Versions: Teledyne FLIR M300 versions 2.00 through 2.00-19 Description: An issue was discovered where user account passwords are encrypted locally and can be decrypted to cleartext passwords using the umSetup utility, which requires root permissions to...

golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.goL113. The objects leaked are pkey​ and ctx​. That functi...

libssh: Missing checks for return values for digests

A flaw was found in the libssh implements abstract layer for message digest MD operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or usage of the...

kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in function receive_encrypted_standard of client

An out-of-bounds memory read flaw was found in receiveencryptedstandard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service...

pycryptodome: side-channel leakage for OAEP decryption in PyCryptodome and pycryptodomex

A flaw was found in PyCryptodome/pycryptodomex which may allow for side-channel leakage when performing OAEP decryption, which could be exploited to carry out a Manger attack...

IBM MQ 9.0 <= 9.0.0.24 / 9.1 <= 9.1.0.21 / 9.2 <= 9.2.0.25 / 9.3 <= 9.3.0.17 / 9.3 <= 9.3.5.1 (7149586)

The version of IBM MQ Server running on the remote host is affected by multiple vulnerabilities as referenced in the 7149586 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions...

ALSA-2024:2569 Important: grafana-pcp security update

grafana-pcp is an open source Grafana plugin for PCP. Security Fixes: grafana-pcp: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

SUSE SLES15 / openSUSE 15 Security Update : openCryptoki (SUSE-SU-2024:1447-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1447-1 advisory. - A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS1 v1.5 padded...

SUSE SLED15 / SLES15 / openSUSE 15 : Feature update for python-M2Crypto (SUSE-SU-SUSE-FU-2024:1448-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-SUSE-FU-2024:1448-1 advisory. - A flaw was found in all released versions of m2crypto, where they are vulnerable to...

MGASA-2024-0152 Updated opencryptoki packages fix security vulnerability

A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key. CVE-2024-0914...

Updated opencryptoki packages fix security vulnerability

A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key. CVE-2024-0914...

CVE-2023-6096

Vladimir Kononovich, a Security Researcher has found a flaw that using a inappropriate encryption logic on the DVR. firmware encryption is broken and allows to decrypt. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds...

CentOS 9 : kernel-5.14.0-430.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-430.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix connection failure handling In case immediate MPA...

PT-2024-14882 · Unknown · Dvr Firmware

Name of the Vulnerable Software and Affected Versions: DVR firmware affected versions not specified Description: A flaw has been discovered in the DVR firmware's encryption logic, which is inappropriate and allows for decryption. The issue was found by Vladimir Kononovich, a security researcher...

CentOS 9 : nss-3.90.0-4.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the nss-3.90.0-4.el9 build changelog. - NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the...

DEBIAN-CVE-2024-2467

A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The...

Security Bulletin: IBM Event Streams is vulnerable to a denial of service attack (CVE-2024-28176).

Summary IBM Event Streams is vulnerable to a denial of service due to the jose module component, caused by a flaw during JWE Decryption operations. Jose module is a javaScript implementation of the JSON Object Signing and Encryption JOSE for current web browsers and node. js-based servers...

IBM Cognos Analytics 11.1.1 < 11.1.7 FP8 / 11.2.x < 11.2.4 FP3 / 12.0.x < 12.0.2 (7123154)

The version of IBM Cognos Analytics installed on the remote host is prior to 11.1.7 FP8, 11.2.4 FP3, or 12.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the IBM Security Bulletin No. 7123154, including the following: - When deserializing untrusted or corrupted data,...