PT-2023-24875 · Unknown · Piigab M-Bus

Name of the Vulnerable Software and Affected Versions: PiiGAB M-Bus affected versions not specified Description: The issue concerns the use of a weak hash algorithm for storing passwords. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...

Code injection

The affected TBox RTUs store hashed passwords using MD5 encryption, which is an insecure encryption algorithm...

CVE-2023-36608

The affected TBox RTUs store hashed passwords using MD5 encryption, which is an insecure encryption algorithm...

K000135312: BIND vulnerability CVE-2023-2828

Security Advisory Description Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement i...

Ovarro TBox RTUs

1. EXECUTIVE SUMMARY ​CVSS v3 7.2 ​ATTENTION: Exploitable remotely/low attack complexity ​Vendor: Ovarro ​Equipment: TBox RTUs ​Vulnerabilities: Missing Authorization, Use of Broken or Risky Cryptographic Algorithm, Inclusion of Functionality from Untrusted Control Sphere, Insufficient Entropy,...

libssh security update

0.9.6-10 - Add missing ci.fmf file - Related: rhbz2182251, rhbz2189742 0.9.6-9 - Fix covscan errors found at gating - Related: rhbz2182251, rhbz2189742 0.9.6-8 - Backport test fixing commits to make the build pass - Related: rhbz2182251, rhbz2189742 0.9.6-7 - Fix NULL dereference during rekeying...

Schneider Electric Modicon Premium, Modicon Quantum, Modicon M340, and Modicon BMXNOR0200 Use of a Broken or Risky Cryptographic Algorithm (CVE-2018-7242)

Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to encrypt the password is vulnerable to hash collision attacks. This plugin only works with...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : bind (SUSE-SU-2023:2667-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2667-1 advisory. Update to release 9.16.42 Security Fixes: The overmem cleaning process has been improved, to...

Moderate: Red Hat Security Advisory: libssh security update

An update for libssh is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

libssh: NULL pointer dereference during rekeying with algorithm guessing

A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service...

Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: NULL pointer dereference during rekeying with algorithm guessing CVE-2023-1667 libssh: authorization bypass in pkiverifydatasignature CVE-2023-2283 For more...

The vulnerability of the FortiSIEM security management interface arises from the use of a less secure encryption algorithm, which allows attackers to disclose the protected information.

The vulnerability of the FortiSIEM security management interface is related to the use of a less secure encryption algorithm. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...

CVE-2023-28006

The OSD Bare Metal Server uses a cryptographic algorithm that is no longer considered sufficiently secure...

CVE-2023-28006

The OSD Bare Metal Server uses a cryptographic algorithm that is no longer considered sufficiently secure...

Code injection

The OSD Bare Metal Server uses a cryptographic algorithm that is no longer considered sufficiently secure...

CVE-2023-28006

CVE-2023-28006 affects the OSD Bare Metal Server (HCL BigFix OSD). The vulnerability stems from using a cryptographic algorithm that is no longer considered sufficiently secure. Documents indicate the issue concerns cryptographic strength with high impact across confidentiality, integrity, and av...

CVE-2023-28006 HCL BigFix OSD Bare Metal Server is affected by a weak cryptographic algorithm.

The OSD Bare Metal Server uses a cryptographic algorithm that is no longer considered sufficiently secure...

CVE-2023-28006 HCL BigFix OSD Bare Metal Server is affected by a weak cryptographic algorithm.

The OSD Bare Metal Server uses a cryptographic algorithm that is no longer considered sufficiently secure...

K000135178: OpenSSL vulnerability CVE-2023-2650

Security Advisory Description Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message...

HCL Technologies BigFix OSD 加密问题漏洞

HCL Technologies BigFix OSD is part of a lifecycle management software from HCL Technologies, Inc. for operating system deployment. A security vulnerability exists in the HCL Technologies BigFix OSD that stems from the server using an insecure encryption algorithm...