Lucene search
K

27 matches found

F5 Networks
F5 Networks
added 2023/02/21 5:37 p.m.66 views

K02201365: SLOTH: TLS 1.2 handshake vulnerability CVE-2015-7575

Security Advisory Description A flaw was found in the way TLS 1.2 uses RSA+MD5 signatures with Client Authentication and ServerKeyExchange messages during a TLS 1.2 handshakes. An attacker with a Man-in-the-Middle network position and the ability to force / observe the use of RSA+MD5 during a TLS...

5.9CVSS7.8AI score0.0288EPSS
Exploits0Affected Software17
RedHat Linux
RedHat Linux
added 2020/12/16 3:21 p.m.3 views

OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS (Security, 8229951)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Security. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

6.8CVSS7.4AI score0.04196EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/08/10 3:17 p.m.2 views

OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS (Security, 8229951)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Security. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

6.8CVSS7.4AI score0.04196EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/08/10 3:17 p.m.2 views

OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS (Security, 8229951)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Security. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

6.8CVSS7.4AI score0.04196EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/08/10 12:0 a.m.45 views

RHEL 6 : java-1.7.1-ibm (RHSA-2020:3387)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3387 advisory. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IB...

8.3CVSS6.8AI score0.04315EPSS
Exploits0References20
Tenable Nessus
Tenable Nessus
added 2020/08/10 12:0 a.m.262 views

RHEL 8 : java-1.8.0-ibm (RHSA-2020:3386)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3386 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

8.3CVSS6.8AI score0.04315EPSS
Exploits0References22
IBM Security Bulletins
IBM Security Bulletins
added 2020/03/23 8:41 p.m.29 views

Security Bulletin: Vulnerability in MD5 Signature and Hash Algorithm affects WebSphere Message Broker and IBM Integration Bus (CVE-2015-7575)

Summary The MD5 “SLOTH” vulnerability on TLS 1.2 affects WebSphere Message Broker and IBM Integration Bus Vulnerability Details CVEID: CVE-2015-7575 DESCRIPTION: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a...

5.9CVSS0.4AI score0.0288EPSS
Exploits0Affected Software2
RedHat Linux
RedHat Linux
added 2020/02/27 3:34 p.m.4 views

OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS (Security, 8229951)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Security. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

6.8CVSS7.4AI score0.04196EPSS
Exploits0References4
Mageia
Mageia
added 2020/01/30 6:28 p.m.68 views

Updated java-1.8.0-openjdk packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Improper checks of SASL message properties in GssKrb5Base Security, 8226352 CVE-2020-2590 Incorrect exception processing during deserialization in BeanContextSupport Serialization, 8224909 CVE-2020-2583 Incorrect isBuiltinStreamHandler causing UR...

8.1CVSS7.4AI score0.04903EPSS
Exploits0References3
OSV
OSV
added 2020/01/30 6:28 p.m.10 views

MGASA-2020-0069 Updated java-1.8.0-openjdk packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Improper checks of SASL message properties in GssKrb5Base Security, 8226352 CVE-2020-2590 Incorrect exception processing during deserialization in BeanContextSupport Serialization, 8224909 CVE-2020-2583 Incorrect isBuiltinStreamHandler causing UR...

8.1CVSS6.3AI score0.04903EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/01/27 8:57 a.m.13 views

OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS (Security, 8229951)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Security. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

6.8CVSS7.4AI score0.04196EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/01/24 5:54 a.m.3 views

OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS (Security, 8229951)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Security. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

6.8CVSS7.4AI score0.04196EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/01/24 5:54 a.m.58 views

Important: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.1CVSS6.6AI score0.04903EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2020/01/22 12:0 a.m.52 views

Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x i386/x86_64 (20200121)

Security Fixes : - OpenJDK: Use of unsafe RSA-MD5 checkum in Kerberos TGS Security, 8229951 CVE-2020-2601 - OpenJDK: Serialization filter changes via jdk.serialFilter property modification Serialization, 8231422 CVE-2020-2604 - OpenJDK: Improper checks of SASL message properties in GssKrb5Base...

8.1CVSS6.4AI score0.04903EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2020/01/21 11:18 p.m.11 views

OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS (Security, 8229951)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Security. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

6.8CVSS7.4AI score0.04196EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/01/21 3:10 a.m.106 views

Important: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.1CVSS6.6AI score0.04903EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2020/01/21 12:0 a.m.38 views

RHEL 6 : java-1.8.0-openjdk (RHSA-2020:0157)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0157 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...

8.1CVSS6.8AI score0.04903EPSS
Exploits0References16
Veracode
Veracode
added 2020/01/17 1:47 a.m.40 views

Information Disclosure

OpenJDK is vulnerable to information disclosure. The vulnerability exists through the use of unsafe RSA-MD5 checkum in Kerberos TGS...

6.8CVSS1.7AI score0.04196EPSS
Exploits0References21Affected Software5
Tenable Nessus
Tenable Nessus
added 2020/01/17 12:0 a.m.42 views

RHEL 7 : java-11-openjdk (RHSA-2020:0122)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0122 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...

8.1CVSS6.8AI score0.04903EPSS
Exploits0References16
RedHat Linux
RedHat Linux
added 2020/01/16 2:15 p.m.3 views

OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS (Security, 8229951)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Security. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

6.8CVSS7.4AI score0.04196EPSS
Exploits0References4
Rows per page
Query Builder