MiracleLinux 7 : openssl-1.0.2k-21.el7 (AXSA:2020-994:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-994:04 advisory. openssl: EDIPARTYNAME NULL pointer de-reference CVE-2020-1971 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 7 : openssl-1.0.2k-23.el7 (AXSA:2022-2926:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-2926:01 advisory. openssl: Read buffer overruns processing ASN.1 strings CVE-2021-3712 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 7 : openssl-1.0.2k-19.el7 (AXSA:2019-4126:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4126:04 advisory. openssl: 0-byte record padding oracle CVE-2019-1559 openssl: timing side channel attack in the DSA signature algorithm CVE-2018-0734 Tenable has...

MiracleLinux 7 : openssl-1.0.2k-16.1.el7 (AXSA:2019-3827:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-3827:03 advisory. Security Fix - OpenSSL SMT Simultaneous Multi-threading 'port contention' CVE-2018-5407 CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted the preceding...

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Directory Traversal File Write Vulnerability

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Directory Traversal File Write Exploit Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15...

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Authorization Bypass Vulnerability

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Authorization Bypass IDOR Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Versio...

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Unauthenticated Factory Reset Vulnerability

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Unauthenticated Factory Reset Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First...

Security Bulletin: IBM Waston Machine Learning Acclerator is affected by an OpenSSL 1.0.2k vulnerability

Summary There is a vulnerability in OpenSSL 1.0.2k used by IBM Watson Machine Learning Accelerator. IBM Watson Machine Learning Accelerator has addressed the applicable CVE: CVE-2020-1968. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected...

Tenable SecurityCenter OpenSSL 1.0.2 < 1.0.2k Multiple Vulnerabilities (TNS-2017-04)

The Tenable SecurityCenter application installed on the remote host is missing a security patch. It is, therefore, affected by multiple vulnerabilities in the bundled version of OpenSSL : - A carry propagation error exists in the Broadwell-specific Montgomery multiplication procedure when handlin...

CVE-2017-3731

CVE-2017-3731 describes an out-of-bounds read/crash in SSL/TLS when running on 32-bit hosts using certain ciphers. Public sources in the connected documents show multiple vendors referencing OpenSSL in affected configurations: on OpenSSL 1.1.0, CHACHA20/POLY1305 can trigger the crash; on OpenSSL ...

CVE-2017-3731

If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305; user...

PT-2017-3944

Name of the Vulnerable Software and Affected Versions OpenSSL versions 1.0.2 through 1.0.2k OpenSSL versions 1.1.0 through 1.1.0d MySQL Server versions 5.6.35 and earlier MySQL Server versions 5.7.18 and earlier Description The issue is related to an out-of-bounds read in the OpenSSL library when...

UBUNTU-CVE-2017-3731

If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305; user...