SUSE: Security Advisory (SUSE-SU-2018:2928-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-3505

A flaw was found in libtpms. The TPM 2 implementation returns 2048 bit keys with 1984 bit strength due to a bug in the TCG specification. The bug is in the key creation algorithm in RsaAdjustPrimeCandidate, which is called before the prime number check. The highest threat from this vulnerability ...

Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2021-1744)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: pki-core and redhat-pki-theme security and bug fix update

An update for pki-core and redhat-pki-theme is now available for Red Hat Certificate System 9.7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVE-2021-27891

SSH Tectia Client and Server before 6.4.19 on Windows have weak key generation. ConnectSecure on Windows is affected...

CVE-2021-27891

SSH Tectia Client and Server before 6.4.19 on Windows have weak key generation. ConnectSecure on Windows is affected...

Information disclosure

SSH Tectia Client and Server before 6.4.19 on Windows have weak key generation. ConnectSecure on Windows is affected...

CVE-2021-27891

SSH Tectia Client and Server before 6.4.19 on Windows have weak key generation. ConnectSecure on Windows is affected...

CVE-2021-27891

CVE-2021-27891 affects SSH Tectia Client and Server prior to 6.4.19 on Windows and ConnectSecure on Windows, due to weak key generation. Affected components: SSH Tectia Client/Server on Windows. Root cause: weak key generation in the cryptographic setup. Impact per NVD CVSS: CVSS v3.1 base score ...

SSH.COM SSH Tectia Client and Server 安全漏洞

SSH.COM SSH Tectia Client and Server is an application from Finland SSH.COM. It is used for secure file transfer and remote access. A security vulnerability exists in SSH Tectia Client and Server before 6.4.19, which stems from weak key generation...

NewStart CGSL MAIN 6.02 : nss Multiple Vulnerabilities (NS-SA-2021-0053)

The remote NewStart CGSL host, running version MAIN 6.02, has nss packages installed that are affected by multiple vulnerabilities: - Improper refcounting of soft token session objects could cause a use-after-free and crash likely limited to a denial of service. This vulnerability affects Firefox...

OESA-2021-1059 nss security update

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

EulerOS Virtualization for ARM 64 3.0.6.0 : nss-softokn (EulerOS-SA-2021-1536)

According to the versions of the nss-softokn packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS. When using multi-part Chacha20, it could...

SUSE-SU-2021:0647-1 Security update for csync2

This update for csync2 fixes the following issues: - Fixed an issue where TLS keys were generated wrongly during installation bsc1145032...

CentOS 8 : nss and nspr (CESA-2020:3280)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:3280 advisory. - nss: Use-after-free in sftkFreeSession due to improper refcounting CVE-2019-11756 - nss: Check length of inputs for cryptographic primitives...

RHEL 7 : nss and nspr (RHSA-2020:4076)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4076 advisory. Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server...

nss: Side channel vulnerabilities during RSA key generation

A flaw was found in NSS, where it is vulnerable to RSA key generation cache timing side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. The highest threat to this flaw is to confidentiality...

Oracle Linux 8 : nss / and / nspr (ELSA-2020-3280)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-3280 advisory. nspr 4.25.0-2 - Rebuild 4.25.0-1 - Update to NSPR 4.25 nss 3.53.1-11 - Fix issue with upgradedb where upgradedb expects standard to generate dbm...

nss: Side channel vulnerabilities during RSA key generation

A flaw was found in NSS, where it is vulnerable to RSA key generation cache timing side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. The highest threat to this flaw is to confidentiality...

GLSA-202007-62 : PyCrypto: Weak key generation

The remote host is affected by the vulnerability described in GLSA-202007-62 PyCrypto: Weak key generation It was discovered that PyCrypto incorrectly generated ElGamal key parameters. Impact : Attackers may be able to obtain sensitive information by reading ciphertext data. Workaround : There is...