CVE-2022-30273

The Motorola MDLC protocol through 2022-05-02 mishandles message integrity. It supports three security modes: Plain, Legacy Encryption, and New Encryption. In Legacy Encryption mode, traffic is encrypted via the Tiny Encryption Algorithm TEA block-cipher in ECB mode. This mode of operation does n...

CVE-2022-29965

The Emerson DeltaV Distributed Control System DCS controllers and IO cards through 2022-04-29 misuse passwords. Access to privileged operations on the maintenance port TELNET interface 23/TCP on M-series and SIS CSLS/LSNB/LSNG nodes is controlled by means of utility passwords. These passwords are...

CVE-2022-30273

The Motorola MDLC protocol through 2022-05-02 mishandles message integrity. It supports three security modes: Plain, Legacy Encryption, and New Encryption. In Legacy Encryption mode, traffic is encrypted via the Tiny Encryption Algorithm TEA block-cipher in ECB mode. This mode of operation does n...

CVE-2022-29965

The Emerson DeltaV Distributed Control System DCS controllers and IO cards through 2022-04-29 misuse passwords. Access to privileged operations on the maintenance port TELNET interface 23/TCP on M-series and SIS CSLS/LSNB/LSNG nodes is controlled by means of utility passwords. These passwords are...

Code injection

The Motorola MDLC protocol through 2022-05-02 mishandles message integrity. It supports three security modes: Plain, Legacy Encryption, and New Encryption. In Legacy Encryption mode, traffic is encrypted via the Tiny Encryption Algorithm TEA block-cipher in ECB mode. This mode of operation does n...

Code injection

The Emerson DeltaV Distributed Control System DCS controllers and IO cards through 2022-04-29 misuse passwords. Access to privileged operations on the maintenance port TELNET interface 23/TCP on M-series and SIS CSLS/LSNB/LSNG nodes is controlled by means of utility passwords. These passwords are...

CVE-2022-30273

The Motorola MDLC protocol through 2022-05-02 mishandles message integrity. It supports three security modes: Plain, Legacy Encryption, and New Encryption. In Legacy Encryption mode, traffic is encrypted via the Tiny Encryption Algorithm TEA block-cipher in ECB mode. This mode of operation does n...

Malicious code in ot-daily-algorithm (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 498245e71f08cf45b257ade99fc455f3a37bdc156a9849d8e6a79d7b40124605 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-5137 Malicious code in ot-daily-algorithm (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 498245e71f08cf45b257ade99fc455f3a37bdc156a9849d8e6a79d7b40124605 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Honeywell Saia Burgess PG5 PCD

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable on adjacent network/low attack complexity Vendor: Honeywell Equipment: Saia Burgess PG5 PCD Vulnerabilities: Authentication Bypass, Use of a Broken or Risky Cryptographic Algorithm CISA is aware of a public report known as “OT:ICEFALL” that...

openSUSE: Security Advisory for mozilla-nss (SUSE-SU-2022:2533-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE-SU-2022:2533-1 Security update for mozilla-nss

This update for mozilla-nss fixes the following issues: Various FIPS 140-3 related fixes were backported from SUSE Linux Enterprise 15 SP4: - Makes the PBKDF known answer test compliant with NIST SP800-132. bsc1192079. - FIPS: Add on-demand integrity tests through sftkFIPSRepeatIntegrityCheck...

OESA-2022-1762 gdk-pixbuf2 security update

gdk is written in C but has been designed from the ground up to support a wide range of languages. It provide a complete set of widgets,and suitable for projects ranging from small one-off tools to complete application suites. Security Fixes: A flaw was found in gdk-pixbuf in versions before...

Information Disclosure

rocketchip2.12 is vulnerable to information disclosure. The vulnerability exists due to the insecure cryptographic algorithm used in RocketCore.scala, allowing an attacker to gain sensitive information through the malicious Zk extensions...

Fedora: Security Advisory for golang-github-cespare-xxhash (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for golang-github-nbutton23-zxcvbn (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for golang-github-oneofone-xxhash (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 35 Update: golang-github-oneofone-xxhash-1.2.8-5.fc35

This is a native Go implementation of the excellent xxhash algorithm, an extremely fast non-cryptographic Hash algorithm, working at speeds close to R AM limits...

[SECURITY] Fedora 35 Update: golang-github-nbutton23-zxcvbn-0.1-8.20210110gite56b841.fc35

Zxcvbn password complexity algorithm in golang...

[SECURITY] Fedora 35 Update: golang-github-gorhill-cronexpr-1.0.0-4.fc35

Given a cron expression and a time stamp, you can get the next time stamp whi ch satisfies the cron expression. In another project, I decided to use cron expression syntax to encode schedul ing information. Thus this standalone library to parse and apply time stamps to c ron expressions. The...