188 matches found
CVE-2020-36164
An issue was discovered in Veritas Enterprise Vault through 14.0. On start-up, it loads the OpenSSL library. The OpenSSL library then attempts to load the openssl.cnf configuration file which does not exist at the following locations in both the System drive typically C:\ and the product's...
Default configuration
An issue was discovered in Veritas System Recovery before 21.2. On start-up, it loads the OpenSSL library from \usr\local\ssl. This library attempts to load the from \usr\local\ssl\openssl.cnf configuration file, which does not exist. By default, on Windows systems, users can create directories...
Default configuration
An issue was discovered in Veritas Enterprise Vault through 14.0. On start-up, it loads the OpenSSL library. The OpenSSL library then attempts to load the openssl.cnf configuration file which does not exist at the following locations in both the System drive typically C:\ and the product's...
Design/Logic Flaw
An issue was discovered in the server in Veritas Backup Exec through 16.2, 20.6 before hotfix 298543, and 21.1 before hotfix 657517. On start-up, it loads the OpenSSL library from the Installation folder. This library in turn attempts to load the /usr/local/ssl/openssl.cnf configuration file, whi...
CVE-2020-36164
An issue was discovered in Veritas Enterprise Vault through 14.0. On start-up, it loads the OpenSSL library. The OpenSSL library then attempts to load the openssl.cnf configuration file which does not exist at the following locations in both the System drive typically C:\ and the product's...
CVE-2020-36165
An issue was discovered in Veritas Desktop and Laptop Option DLO before 9.4. On start-up, it loads the OpenSSL library from /ReleaseX64/ssl. This library attempts to load the /ReleaseX64/ssl/openssl.cnf configuration file, which does not exist. By default, on Windows systems, users can create...
The vulnerability of the statem/statemdtls.c component in the OpenSSL library, which allows a hacker to cause a service failure.
The vulnerability of the statem/statemdtls.c component in the OpenSSL library is related to a resource management mechanism error. Exploiting this vulnerability could allow an attacker to cause service interruptions through a specially created DTLS message...
The vulnerability of the Montgomery quadradic multiplication algorithm implementation in OpenSSL libraries is related to an error in integer transfer on the x86_64 platform, which allows an attacker to gain unauthorized access to sensitive information.
The vulnerability of the Montgomery quadradic multiplication algorithm implementation in the OpenSSL library is related to an error in arithmetic operations on the x8664 platform. Exploiting this vulnerability may allow a malicious actor, operating remotely, to gain unauthorized access to sensiti...
The vulnerability of the CHACHA20-POLY1305 algorithm implementation in the OpenSSL library, related to improper access control, allows a perpetrator to trigger a service failure.
The vulnerability of the CHACHA20-POLY1305 algorithm implementation in the OpenSSL library is related to improper access control. Exploiting this vulnerability may allow a malicious actor, operating remotely, to cause service failures...
List of Security Fixes and Improvements in Veeam Agent for Linux
Purpose This article describes all security-related fixes and improvements introduced in each release or update of Veeam Agent for Linux. The goal of this article is to provide our customers' security and compliance teams with the detailed information on security improvements between releases, in...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2019-1340)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2019-1341)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-12572
A vulnerability in the London Trust Media Private Internet Access PIA VPN Client 1.0.2 build 02363 for Windows could allow an authenticated, local attacker to run arbitrary code with elevated privileges. On startup, the PIA Windows service pia-service.exe loads the OpenSSL library from...
Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (Apr 2019 CPU)
According to its self-reported version number, the Oracle Primavera P6 Enterprise Project Portfolio Management EPPM installation running on the remote web server is 8.4 prior to 8.4.15.10, 15.x prior to 15.2.18.4, 16.x prior to 16.2.17.2, 17.x prior to 17.12.12.0, or 18.x prior to 18.8.8.0. It is...
Denial Of Service (DoS)
openssl is vulnerable to denial of service DoS attacks. The library improperly calculates string lengths, allowing a malicious user to cause a denial of service by passing a large string to the system...
The vulnerability of the RSA key generation algorithm in the OpenSSL library allows a hacker to recover the private key.
The vulnerability of the RSA key generation algorithm in the OpenSSL library is related to errors in cryptographic transformations. Exploiting this vulnerability could allow a malicious actor, operating remotely, to recover the secret key...
Tenable Nessus < 7.1.4 Multiple Vulnerabilities (TNS-2018-17)
According to its self-reported version, the Tenable Nessus application running on the remote host is prior to 7.1.4. It is, therefore, affected by multiple vulnerabilities: - Tenable Nessus contains a flaw in the bundled third-party component OpenSSL library's key handling during a TLS handshake...
Tenable Log Correlation Engine (LCE) < 5.1.1 (TNS-2018-13)
The version of Tenable Log Correlation Engine LCE installed on the remote host is a version prior to 5.1.1. It is, therefore, affected by multiple vulnerabilities: - A flaw exists in the bundled third-party component OpenSSL library's key handling during a TLS handshake that causes a denial of...
Security Bulletin: Multiple Security Issues in IBM Tealeaf Customer Experience on Cloud Network Capture Add-On
Summary Multiple vulnerabilities in Apache HTTPD can cause denial of service and allow a remote attacker to bypass security restrictions and obtain sensitive information in IBM Tealeaf Customer Experience on Cloud Network Capture Add-On. A Vulnerability in the Memcached library used by the IBM...
Security Bulletin: Vulnerability in the OpenSSL library affects IBM Tealeaf Customer Experience PCA (CVE-2017-3730).
Summary A Vulnerability in the OpenSSL library used by the IBM Tealeaf Customer Experience PCA could permit a denial of service attack. Vulnerability Details CVEID: CVE-2017-3730 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. By sending specially...