Lucene search
K

4226 matches found

OpenVAS
OpenVAS
added 2016/05/20 12:0 a.m.22 views

IBM WebSphere Application Server Information Disclosure Vulnerability (swg21979231)

IBM WebSphere Application Server is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.9CVSS6AI score0.01403EPSS
Exploits0References1
OSV
OSV
added 2016/05/17 2:8 p.m.3 views

CVE-2016-0306

IBM WebSphere Application Server WAS 7.0 before 7.0.0.41, 8.0 before 8.0.0.13, and 8.5 before 8.5.5.10, when FIPS 140-2 is enabled, misconfigures TLS, which allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors...

5.9CVSS5.8AI score0.01403EPSS
Exploits0References3
Prion
Prion
added 2016/05/17 2:8 p.m.10 views

Information disclosure

IBM WebSphere Application Server WAS 7.0 before 7.0.0.41, 8.0 before 8.0.0.13, and 8.5 before 8.5.5.10, when FIPS 140-2 is enabled, misconfigures TLS, which allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors...

4.3CVSS6AI score0.01403EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2016/05/17 2:0 p.m.75 views

CVE-2016-0306

CVE-2016-0306 (IBM WAS) : WebSphere Application Server versions 7.0 before 7.0.0.41, 8.0 before 8.0.0.13, and 8.5 before 8.5.5.10 have a TLS misconfiguration when FIPS 140-2 is enabled, enabling MITM attackers to obtain sensitive information. IBM advisories indicate fixes are available by upgradi...

5.9CVSS5.4AI score0.01403EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/05/16 12:0 a.m.35 views

OracleVM 3.3 / 3.4 : openssh (OVMSA-2016-0048)

The remote OracleVM system is missing necessary patches to address critical security updates : - CVE-2016-3115: missing sanitisation of input for X11 forwarding 1317817 - Restore functionallity of pamsshagentauth in FIPS mode 1278315 - Initialize devicesdone variable for challenge response 128146...

6.4CVSS7AI score0.37016EPSS
Exploits13References3
Tenable Nessus
Tenable Nessus
added 2016/05/06 12:0 a.m.48 views

openSUSE Security Update : openssl (openSUSE-2016-561)

This update for openssl fixes the following issues : - CVE-2016-2108: Memory corruption in the ASN.1 encoder boo977617 - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check boo977616 - CVE-2016-2105: EVPEncodeUpdate overflow boo977614 - CVE-2016-2106: EVPEncryptUpdate overflow boo977615 -...

10CVSS7.6AI score0.89058EPSS
Exploits7References13
Tenable Nessus
Tenable Nessus
added 2016/05/05 12:0 a.m.62 views

SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2016:1233-1)

This update for openssl fixes the following issues : - CVE-2016-2108: Memory corruption in the ASN.1 encoder bsc977617 - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check bsc977616 - CVE-2016-2105: EVPEncodeUpdate overflow bsc977614 - CVE-2016-2106: EVPEncryptUpdate overflow bsc977615 -...

10CVSS7.7AI score0.89058EPSS
Exploits7References19
OSV
OSV
added 2016/05/04 12:34 p.m.9 views

SUSE-SU-2016:1233-1 Security update for openssl

This update for openssl fixes the following issues: - CVE-2016-2108: Memory corruption in the ASN.1 encoder bsc977617 - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check bsc977616 - CVE-2016-2105: EVPEncodeUpdate overflow bsc977614 - CVE-2016-2106: EVPEncryptUpdate overflow bsc977615 -...

10CVSS7.3AI score0.89058EPSS
Exploits7References14
Tenable Nessus
Tenable Nessus
added 2016/03/22 12:0 a.m.52 views

OracleVM 3.3 / 3.4 : openssh (OVMSA-2016-0038)

The remote OracleVM system is missing necessary patches to address critical security updates : - CVE-2015-5600: MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices 1245969 - CVE-2016-3115: missing sanitisation of input for X11 forwarding 1317816 - SSH2MSGDISCONNECT for user initiate...

8.5CVSS6.8AI score0.37016EPSS
Exploits17References7
OpenVAS
OpenVAS
added 2016/03/11 12:0 a.m.20 views

Oracle: Security Advisory (ELSA-2016-0428)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.3AI score0.02697EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/03/11 12:0 a.m.42 views

OracleVM 3.3 / 3.4 : libssh2 (OVMSA-2016-0035)

The remote OracleVM system is missing necessary patches to address critical security updates : - use secrects of the appropriate length in Diffie-Hellman CVE-2016-0787 - fix basic functionality of libssh2 in FIPS mode 968575 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The package checks ...

5.9CVSS6.6AI score0.02697EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2016/03/10 12:0 a.m.35 views

libssh2 security update

1.4.2-2.el67.1 - use secrects of the appropriate length in Diffie-Hellman CVE-2016-0787 1.4.2-2 - fix basic functionality of libssh2 in FIPS mode 968575...

4.3CVSS1.5AI score0.02697EPSS
Exploits0
Oracle linux
Oracle linux
added 2015/11/23 12:0 a.m.67 views

openssh security, bug fix, and enhancement update

6.6.1p1-22 - Use the correct constant for glob limits 1160377 6.6.1p1-21 - Extend memory limit for remote glob in sftp acc. to stat limit 1160377 6.6.1p1-20 - Fix vulnerabilities published with openssh-7.0 1265807 - Privilege separation weakness related to PAM support - Use-after-free bug related...

8.5CVSS0.2AI score0.09302EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2015/11/05 12:0 a.m.18 views

Scientific Linux Security Update : libreswan on SL7.x x86_64 (20151104)

A flaw was discovered in the way Libreswan's IKE daemon processed IKE KE payloads. A remote attacker could send specially crafted IKE payload with a KE payload of g^x=0 that, when processed, would lead to a denial of service daemon crash. CVE-2015-3240 Note: Please note that when upgrading from a...

4.3CVSS7.2AI score0.02765EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/11/05 12:0 a.m.25 views

CentOS Update for libreswan CESA-2015:1979 centos7

Check the version of libreswan SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882312";...

4.3CVSS7.3AI score0.02765EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/11/05 12:0 a.m.23 views

RedHat Update for libreswan RHSA-2015:1979-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.5AI score0.02765EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/11/05 12:0 a.m.32 views

RHEL 7 : libreswan (RHSA-2015:1979)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2015:1979 advisory. Libreswan is an implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both...

4.3CVSS7.3AI score0.02765EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2015/11/04 8:37 a.m.41 views

Moderate: Red Hat Security Advisory: libreswan security and enhancement update

Updated libreswan packages that fix one security issue, several bugs, and add several enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which give...

4.3CVSS7.2AI score0.02765EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/11/04 12:0 a.m.17 views

Oracle Linux 7 : libreswan (ELSA-2015-1979)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2015-1979 advisory. - Resolves: rhbz1259208 CVE-2015-3240 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus h...

4.3CVSS7.3AI score0.02765EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/11/04 12:0 a.m.36 views

CentOS 7 : libreswan (CESA-2015:1979)

Updated libreswan packages that fix one security issue, several bugs, and add several enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which give...

4.3CVSS7.3AI score0.02765EPSS
Exploits0References2
Rows per page
Query Builder