EUVD-2020-2588
Malware in sbrugna...
EUVD-2021-22782
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-1000520
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ARM mbedTLS version 2.7.0 and earlier contains a Ciphersuite Allows Incorrectly Signed Certificates vulnerability in mbedtls_ssl_get_verify_result that can result i...
CVE-2021-36158
In the xrdp package in branches through 3.14 for Alpine Linux, RDP sessions are vulnerable to man-in-the-middle attacks because pre-generated RSA certificates and private keys are used...
Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - xrdp package for Alpine Linux (CVE-2021-36158)
Summary Security Vulnerabilities affect IBM Cloud Private - xrdp package for Alpine Linux Vulnerability Details CVEID: CVE-2021-36158 DESCRIPTION: xrdp package for Alpine Linux is vulnerable to a man-in-the-middle attack, caused by improper generation of RSA certificates and private keys in the R...
ALPINE-CVE-2021-36158
In the xrdp package in branches through 3.14 for Alpine Linux, RDP sessions are vulnerable to man-in-the-middle attacks because pre-generated RSA certificates and private keys are used...
Code injection
In the xrdp package in branches through 3.14 for Alpine Linux, RDP sessions are vulnerable to man-in-the-middle attacks because pre-generated RSA certificates and private keys are used...
CVE-2020-10125
NCR SelfServ ATMs running APTRA XFS 04.02.01 and 05.01.00 implement 512-bit RSA certificates to validate bunch note acceptor (BNA) software updates, which can be broken by an attacker with physical access in a sufficiently short period of time, thereby enabling the attacker to sign arbitrary files...
Authentication flaw
NCR SelfServ ATMs running APTRA XFS 04.02.01 and 05.01.00 implement 512-bit RSA certificates to validate bunch note acceptor (BNA) software updates, which can be broken by an attacker with physical access in a sufficiently short period of time, thereby enabling the attacker to sign arbitrary files...
[SECURITY] Fedora 22 Update: monotone-1.1-13.fc22
monotone is a free, distributed version control system. It provides fully disconnected operation, manages complete tree versions, keeps its state in a local transactional database, supports overlapping branches and extensible metadata, exchanges work over plain network protocols, performs...
USN-2913-4 gnutls26 update
USN-2913-1 removed 1024-bit RSA CA certificates from the ca-certificates package. This update adds support for alternate certificate chains to the GnuTLS package to properly handle the removal. Original advisory details: The ca-certificates package contained outdated CA certificates. This update...
[SECURITY] Fedora 23 Update: monotone-1.1-13.fc23
monotone is a free, distributed version control system. It provides fully disconnected operation, manages complete tree versions, keeps its state in a local transactional database, supports overlapping branches and extensible metadata, exchanges work over plain network protocols, performs...
Debian DLA-62-1 : nss security update
Antoine Delignat-Lavaud from Inria discovered an issue in the way NSS (the Mozilla Network Security Service library) was parsing ASN.1 data used in signatures, making it vulnerable to a signature forgery attack. An attacker could craft ASN.1 data to forge RSA certificates with a valid certification...