CVE-2023-23346 Use of a broken cryptographic algorithm affects HCL DRYiCE MyCloud

HCL DRYiCE MyCloud is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information...

CVE-2023-23346

CVE-2023-23346 affects HCL DRYiCE MyCloud and is caused by the use of a broken cryptographic algorithm, potentially compromising confidentiality and integrity of sensitive data. Multiple sources (NVD entry and mirrored records) confirm the issue, describing the vulnerability as related to weak cr...

USN-6279-1: OpenSSH update

It was discovered that OpenSSH has an observable discrepancy leading to an information leak in the algorithm negotiation. This update mitigates the issue by tweaking the client hostkey preference ordering algorithm to prefer the default ordering if the user has a key that matches the...

USN-6279-1 openssh update

It was discovered that OpenSSH has an observable discrepancy leading to an information leak in the algorithm negotiation. This update mitigates the issue by tweaking the client hostkey preference ordering algorithm to prefer the default ordering if the user has a key that matches the...

PT-2023-18918 · Hcl · Hcl Dryice Mycloud

Name of the Vulnerable Software and Affected Versions: HCL DRYiCE MyCloud affected versions not specified Description: The issue is related to the use of a broken cryptographic algorithm, which can potentially allow an attacker to compromise the confidentiality and integrity of sensitive...

HCL Technologies DRYiCE MyCloud Encryption Issue Vulnerability

HCL Technologies DRYiCE MyCloud is a Hybrid Cloud Lifecycle Management product from HCL Technologies, USA. A security vulnerability exists in HCL Technologies DRYiCE MyCloud that stems from the use of a weak cryptographic algorithm...

What Cisco Talos knows about the Rhysida ransomware

Cisco Talos is aware of the recent advisory published by the U.S. Department of Health and Human Services HHS warning the healthcare industry about Rhysida ransomware activity. As weve discussed recently, there has been huge growth in the ransomware and extortion space, potentially linked to the...

EulerOS 2.0 SP9 : bind (EulerOS-SA-2023-2602)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sen...

EulerOS 2.0 SP9 : bind (EulerOS-SA-2023-2572)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sen...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2023-2572)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : libssh (EulerOS-SA-2023-2616)

According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a...

Rocky Linux 8 : bind9.16 (RLSA-2023:4100)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:4100 advisory. - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to...

EulerOS 2.0 SP9 : libssh (EulerOS-SA-2023-2586)

According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a...

Rocky Linux 9 : bind (RLSA-2023:4099)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:4099 advisory. - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to...

Information Disclosure

gitlab is vulnerable to Information Disclosure. The vulnerability allows a malicious attacker to decrypt content form the database due to a broken cryptographic algorithm...

Debian dla-3515 : libcjose-dev - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3515 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3515-1 [email protected] https://www.debian.org/lts/security/...

CLSA-2023-1691084775 libssh: Fix of 2 CVEs

CVE-2023-2283: fix the authentication check - CVE-2023-1667: refactor the algorithm guessing to avoid NULL dereference - improve tests...

CLSA-2023-1691084556 libssh: Fix of 2 CVEs

CVE-2023-2283: fix the authentication check - CVE-2023-1667: refactor the algorithm guessing to avoid NULL dereference - improve tests...

Moxa PT-7528 and PT-7828 Series Weak Cryptographic Algorithm (CVE-2020-6987)

In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed. This plugin only works with Tenable.ot. Please visit...

Moxa EDS-G516E and EDS-510E Series Ethernet Switches Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-7001)

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...