Information disclosure

In Stormshield 1.1.0, and 2.1.0 through 2.9.0, an attacker can block a client from accessing the VPN and can obtain sensitive information through the SN VPN SSL Client...

CVE-2021-31814

In Stormshield 1.1.0, and 2.1.0 through 2.9.0, an attacker can block a client from accessing the VPN and can obtain sensitive information through the SN VPN SSL Client...

CVE-2021-31814

Stormshield Network Security is affected: Stormshield 1.1.0 and 2.1.0–2.9.0 allow an attacker to block VPN client access and disclose sensitive information via the SN VPN SSL Client. The Red Hat and NVD entries confirm the same description across multiple sources; PT-2022-10052 notes no public fi...

OpenSSL: Vulnerabilities in ASN.1 parsing (CVE-2003-0543, CVE-2003-0544) - Linux

OpenSSL is prone to multiple denial of service DoS vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

SUSE: Security Advisory (SUSE-SU-2019:0900-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-5180

Viscosity 1.8.2 on Windows and macOS allows an unprivileged user to set a subset of OpenVPN parameters, which can be used to load a malicious library into the memory of the OpenVPN process, leading to limited local privilege escalation. When a VPN connection is initiated using a TLS/SSL client...

Sandbox Restrictions Bypass

IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java...

Denial Of Service (DoS)

Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime NSPR provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS handled...

openSUSE Security Update : dovecot22 (openSUSE-2019-1220)

This update for dovecot22 fixes the following issues : Security issues fixed : - CVE-2019-7524: Fixed an improper file handling which could result in stack overflow allowing local root escalation bsc1130116. - CVE-2019-3814: Fixed a vulnerability related to SSL client certificate authentication...

SUSE SLES12 Security Update : dovecot22 (SUSE-SU-2019:0900-1)

This update for dovecot22 fixes the following issues : Security issues fixed : CVE-2019-7524: Fixed an improper file handling which could result in stack overflow allowing local root escalation bsc1130116. CVE-2019-3814: Fixed a vulnerability related to SSL client certificate authentication...

openSUSE Security Update : znc (openSUSE-2019-571)

This update for znc fixes the following issues : - Update to version 1.7.1 - CVE-2018-14055: non-admin user could gain admin privileges and shell access by injecting values into znc.conf bnc1101281 - CVE-2018-14056: path traversal in HTTP handler via ../ in a web skin name. bnc1101280 - Update to...

openssl security update

1.0.2k-16.0.1.el76.1 - Bump release for rebuild. 1.0.2k-16.1 - use SHA-256 in FIPS RSA pairwise key check - fix CVE-2018-5407 - EC signature local timing side-channel key extraction 1.0.2k-16 - fix CVE-2018-0495 - ROHNP - Key Extraction Side Channel on DSA, ECDSA - fix incorrect error message on...

SUSE SLES15 Security Update : dovecot23 (SUSE-SU-2019:0414-1)

This update for dovecot23 fixes the following issues : dovecot was updated to 2.3.3 release, bringing lots of bugfixes bsc1124356. Also the following security issue was fixed : CVE-2019-3814: A vulnerability in Dovecot related to SSL client certificate authentication was fixed bsc1123022 The...

Open-Xchange: Username restriction bypass with SSL client authentication

Summary: Dovecot supports enforcing the login user name to be the one encoded in the SSL client certificate, thus restricting the username. Using SSL certificates that do not even contain the relevant field bypasses this restriction, maybe leading to full login bypass under some luckily rare...

openSUSE Security Update : znc (openSUSE-2018-819)

This update for znc fixes the following issues : - Update to version 1.7.1 - CVE-2018-14055: non-admin user could gain admin privileges and shell access by injecting values into znc.conf bnc1101281 - CVE-2018-14056: path traversal in HTTP handler via ../ in a web skin name. bnc1101280 - Update to...

Security update for znc (moderate)

This update for znc fixes the following issues: - Update to version 1.7.1 CVE-2018-14055: non-admin user could gain admin privileges and shell access by injecting values into znc.conf bnc1101281 CVE-2018-14056: path traversal in HTTP handler via ../ in a web skin name. bnc1101280 - Update to...

Security update for znc (moderate)

This update for znc fixes the following issues: - Update to version 1.7.1 CVE-2018-14055: non-admin user could gain admin privileges and shell access by injecting values into znc.conf bnc1101281 CVE-2018-14056: path traversal in HTTP handler via ../ in a web skin name. bnc1101280 - Update to...

CVE-2018-1085

openshift-ansible before versions 3.9.23, 3.7.46 deploys a misconfigured etcd file that causes the SSL client certificate authentication to be disabled. Quotations around the values of ETCDCLIENTCERTAUTH and ETCDPEERCLIENTCERTAUTH in etcd.conf result in etcd being configured to allow remote users...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Datapower Gateways (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Datapower Gateways. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly...

CVE-2018-5506

In F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.1, 11.5.1-11.5.5, or 11.2.1 the Apache modules apacheauthtokenmod and modauthf5authtoken.cpp allow possible unauthenticated bruteforce on the emserverip authorization parameter to obtain which SSL client certificates used for mutual authentication between...