49 matches found
CLSA-2026-1779213441 python3.11: Fix of 11 CVEs
CVE-2026-4224: avoid unbound C recursion in convcontentmodel in pyexpat - CVE-2026-3644: reject control characters in http.cookies.Morsel.update - CVE-2026-0672: reject control characters in http.cookies.Morsel - CVE-2025-8291: check consistency of zip64 end of central directory record -...
OpenSearch Data Prepper uses deprecated SSL protocol identifier
Impact The GeoIP processor and Kafka source and buffer were using the deprecated "SSL" protocol identifier when creating SSL contexts, potentially allowing the use of insecure SSL protocols instead of modern TLS versions. Multiple Data Prepper plugins used SSLContext.getInstance("SSL") which could...
[SECURITY] Fedora 41 Update: gnutls-3.8.10-1.fc41
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, OpenPGP and...
GnuTLS: Multiple Vulnerabilities
Background GnuTLS is a secure communications library implementing the SSL, TLS, and DTLS protocols Description Multiple vulnerabilities have been discovered in GnuTLS. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...
Important: Red Hat Security Advisory: openssl security update
An update for openssl is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Weak Password Vulnerability in Neusoft NetEye VPN Gateway System
Neusoft NetEye VPN gateway system is a professional VPN device, which adopts standard SSL and TLS protocols, and supports IPSec VPN and SSLVPN at the same time, and is not a plug-in card or firewall with VPN module device. Neusoft NetEye VPN gateway system has a weak password vulnerability, which...
ShellShockHunter - It's A Simple Tool For Test Vulnerability Shellshock
It's a simple tool for test vulnerability shellshock Author: MrCl0wn Blog: http://blog.mrcl0wn.com GitHub: https://github.com/MrCl0wnLab Twitter: https://twitter.com/MrCl0wnLab Email: mrcl0wnlab@gmail.com Shellshock software bug Shellshock, also known as Bashdoor, is a family of security bugs in...
Debian: Security Advisory (DSA-4652-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : haproxy (openSUSE-2019-824)
This update for haproxy to version 1.8.14 fixes the following issues : These security issues were fixed : - CVE-2018-14645: A flaw was discovered in the HPACK decoder what caused an out-of-bounds read in hpackvalididx that resulted in a remote crash and denial of service bsc1108683 -...
Security Bulletin: Vulnerability in SSLv3 affects Tivoli Storage Manager Operations Center (CVE-2014-3566)
Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in Tivoli Storage Manager Operations Center. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacker to...
App Layering: How to specify or disable SSL protocols and ciphers in the ELM
Modern security requirements often specify disabling certain SSL protocols or cipher families. The ELM uses an Apache web server daemon for accessing the Management Console UI. Citrix keeps the ELM deployment images up to date with modern requirements requiring TLS 1.2, disabling SSLv3, disabling...
How to disable SSL protocols on XenMobile server
XenMobile Server by default supports SSL protocols TLSv1.0, TLSv1.1, TLSv1.2. We can disable or enable the protocols from the XMS CLI console...
How do I Set Specific SSL Protocols on XenMobile Server 10.6
With our strong emphasis in security, the ability to specify the SSL protocols supported by XenMobile Server is critical to our customers to help them to control which SSL Protocols they allow to access XenMobile. With XenMobile Server 10.6, we introduce a new CLI option that allows the...
Process Shows "Starting Application", Freezes When Launching Applications from Receiver for iOS or From Browser on iOS Devices
This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. When trying to launch an application from an iOS device using the browser or the Citrix Receiver, t...
Fast and Full Featured SSL Scanner: SSLyze
SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL servers. SSLyze is all Python code but it uses an OpenSSL wrapper...
Debian DLA-364-1 : gnutls26 security update
Hanno Böck discovered that GnuTLS, a library implementing the TLS and SSL protocols, incorrectly validated the first padding byte in CBC modes. A remote attacker can possibly take advantage of this flaw to perform a padding oracle attack. For Debian 6 'Squeeze', this issue has been fixed in gnutls...
[SECURITY] [DSA 3191-1] gnutls26 security update
Debian Security Advisory DSA-3191-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 15, 2015 http://www.debian.org/security/faq -...
Securing an Internet Made From 'Duck Tape and Baling Wire'
LAS VEGAS–The Internet that we use today was not designed as a cohesive network. It was put together from found bits and pieces over the course of the last few decades, and, as major bugs such as Heartbleed and others have shown, it’s a frighteningly fragile construction. Attackers know this as...
GnuTLS: Multiple vulnerabilities
Background GnuTLS is an Open Source implementation of the TLS 1.2 and SSL 3.0 protocols. Description Multiple vulnerabilities have been discovered in GnuTLS. Please review the CVE identifiers and Lucky Thirteen research paper referenced below for details. Impact A remote attacker could send a...
Scientific Linux Security Update : openssl on SL6.x i386/x86_64
OpenSSL is a toolkit that implements the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols, as well as a full-strength, general purpose cryptography library. A buffer over-read flaw was discovered in the way OpenSSL parsed the Certificate Status Request TLS extensions i...