CVE-2023-4695 Use of Predictable Algorithm in Random Number Generator in pkp/pkp-lib

Use of Predictable Algorithm in Random Number Generator in GitHub repository pkp/pkp-lib prior to 3.3.0-16...

Cleartext Signed Message Signature Spoofing in openpgp

Impact OpenPGP Cleartext Signed Messages are cryptographically signed messages where the signed text is readable without special tools: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 This text is signed. -----BEGIN PGP SIGNATURE----- wnUEARMIACcFgmTkrNAJkInXCgj0fgcIFiEE1JlKzzDGQxZmmHkYidcKCPR+...

CVE-2023-41037 Cleartext Signed Message Signature Spoofing in openpgpjs

OpenPGP.js is a JavaScript implementation of the OpenPGP protocol. In affected versions OpenPGP Cleartext Signed Messages are cryptographically signed messages where the signed text is readable without special tools. These messages typically contain a "Hash: ..." header declaring the hash algorit...

Number of prize tiers may never scale due to aggressive new algorithm

Lines of code Vulnerability details Comments This issue is very similar to M-14 but covers another edge case where the threshold check is not performed when there are currently 14 prize tiers and at least 1 canary tier is claimed. This is due to an early return of MAXIMUMNUMBEROFTIERS. Mitigation...

lrzip 安全漏洞

lrzip is a compression utility program by the individual developer Con Kolivas. A security vulnerability exists in lrzip-next LZMA v23.01, which stems from the presence of an access conflict...

PT-2023-27099 · Unknown · Lrzip-Next

Name of the Vulnerable Software and Affected Versions: lrzip-next LZMA version 23.01 Description: The issue is related to an access violation in the component /bz3 decode block, located in the src/libbz3.c file. This access violation can be exploited, potentially leading to unintended consequence...

Monti Ransomware Returns with New Linux Variant and Enhanced Evasion Tactics

The threat actors behind the Monti ransomware have resurfaced after a two-month break with a new Linux version of the encryptor in its attacks targeting government and legal sectors. Monti emerged in June 2022, weeks after the Conti ransomware group shut down its operations, deliberately imitatin...

CVE-2023-23347

HCL DRYiCE iAutomate is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information...

CVE-2023-23347

HCL DRYiCE iAutomate is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information...

Information disclosure

HCL DRYiCE iAutomate is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information...

CVE-2023-23346

HCL DRYiCE MyCloud is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information...

CVE-2023-23346

HCL DRYiCE MyCloud is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information...

Information disclosure

HCL DRYiCE MyCloud is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information...

CVE-2023-23347 Use of a broken cryptographic algorithm affects HCL DRYiCE iAutomate

HCL DRYiCE iAutomate is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information...

CVE-2023-23347 Use of a broken cryptographic algorithm affects HCL DRYiCE iAutomate

HCL DRYiCE iAutomate is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information...

CVE-2023-23347

CVE-2023-23347 affects HCL DRYiCE iAutomate. The vulnerability arises from the use of a broken cryptographic algorithm, potentially compromising confidentiality and integrity of sensitive information. Documented risk scores indicate high severity in some feeds (NVD CVSS v3.1: AV=L/AC=L/PR=L/UI:N/...

CVE-2023-23346 Use of a broken cryptographic algorithm affects HCL DRYiCE MyCloud

HCL DRYiCE MyCloud is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information...

CVE-2023-23346 Use of a broken cryptographic algorithm affects HCL DRYiCE MyCloud

HCL DRYiCE MyCloud is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information...

CVE-2023-23346

CVE-2023-23346 affects HCL DRYiCE MyCloud and is caused by the use of a broken cryptographic algorithm, potentially compromising confidentiality and integrity of sensitive data. Multiple sources (NVD entry and mirrored records) confirm the issue, describing the vulnerability as related to weak cr...

USN-6279-1 openssh update

It was discovered that OpenSSH has an observable discrepancy leading to an information leak in the algorithm negotiation. This update mitigates the issue by tweaking the client hostkey preference ordering algorithm to prefer the default ordering if the user has a key that matches the...