CVE-2023-51842

An algorithm-downgrade issue was discovered in Ylianst MeshCentral 1.1.16...

CVE-2023-51842

An algorithm-downgrade issue was discovered in Ylianst MeshCentral 1.1.16...

CVE-2023-51842

An algorithm-downgrade issue was discovered in Ylianst MeshCentral 1.1.16...

PT-2024-14313 · Ylianst · Ylianst Meshcentral

Name of the Vulnerable Software and Affected Versions: Ylianst MeshCentral version 1.1.16 Description: An algorithm-downgrade issue was discovered. Recommendations: For Ylianst MeshCentral version 1.1.16, at the moment, there is no information about a newer version that contains a fix for this...

USN-6585-1 libssh2 vulnerability

Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being...

Ubuntu: Security Advisory (USN-6560-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Synology Router Manager (SRM) 1.2.x Multiple Vulnerabilities (Synology-SA-20:14)

Synology Router Manager SRM is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2022-33173

An algorithm-downgrade issue was discovered in Couchbase Server before 7.0.4. Analytics Remote Links may temporarily downgrade to non-TLS connection to determine the TLS port number, using SCRAM-SHA instead...

CVE-2022-33173

An algorithm-downgrade issue was discovered in Couchbase Server before 7.0.4. Analytics Remote Links may temporarily downgrade to non-TLS connection to determine the TLS port number, using SCRAM-SHA instead...

CVE-2022-33173

An algorithm-downgrade issue was discovered in Couchbase Server before 7.0.4. Analytics Remote Links may temporarily downgrade to non-TLS connection to determine the TLS port number, using SCRAM-SHA instead...

CVE-2020-27652

Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager DSM before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors...

Design/Logic Flaw

Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager SRM before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors...

Design/Logic Flaw

Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager DSM before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors...

CVE-2020-27652

Summary: CVE-2020-27652 affects Synology DiskStation Manager (DSM) via QuickConnect: an algorithm downgrade vulnerability enables MITM attackers to spoof servers and obtain sensitive information through unspecified vectors. The issue is documented across multiple sources (NVD, Synology SA-20:18, ...

CVE-2020-27652

Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager DSM before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors...

ICSMA-20-261-01_Philips Clinical Collaboration Platform

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Low skill level to exploit Vendor: Philips Equipment: Clinical Collaboration Platform Vulnerabilities: Cross-site Request Forgery, Improper Neutralization of Script in Attributes in a Web Page, Protection Mechanism Failure, Algorithm Downgrade,...

Cisco Small Business 100 Series and 300 Series Wireless Access Points Encryption Algorithm Downgrade Vulnerability

A vulnerability in the implementation of Extensible Authentication Protocol over LAN EAPOL functionality in Cisco Small Business 100 Series Wireless Access Points and Cisco Small Business 300 Series Wireless Access Points could allow an unauthenticated, adjacent attacker to force the downgrade of...

Arista Networks EOS Multiple Vulnerabilities (SA0018) (DROWN)

The version of Arista Networks EOS running on the remote device is affected by multiple vulnerabilities in the included OpenSSL library : - A cipher algorithm downgrade vulnerability exists due to a flaw that is triggered when handling cipher negotiation. A remote attacker can exploit this to...

Oracle VM VirtualBox < 4.3.36 / 5.0.18 Multiple Vulnerabilities (April 2016 CPU)

The Oracle VM VirtualBox application installed on the remote host is a version prior to 4.3.36 or 5.0.18. It is, therefore, affected by an unspecified flaw in the Core subcomponent that allows a local attacker to gain elevated privileges. Additionally, multiple vulnerabilities exist in the bundle...

CVE-2014-8627

PolarSSL 1.3.8 does not properly negotiate the signature algorithm to use, which allows remote attackers to conduct downgrade attacks via unspecified vectors...