Lucene search

5314 matches found

OpenVAS
added 2021/06/07 12:0 a.m. | 21 views

Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2021-1931)

The remote host is missing an update for the Huawei EulerOS... SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

4.4 CVSS | 6.8 AI score | 0.00337 EPSS
Exploits 0 | References 2
Microsoft CVE
added 2021/06/06 7:0 a.m. | 2 views

Timing attack against DSA

...

5.9 CVSS | 9.5 AI score | 0.12154 EPSS
Exploits 0
Tenable Nessus
added 2021/06/03 12:0 a.m. | 28 views

EulerOS 2.0 SP9 : nss (EulerOS-SA-2021-1952)

According to the version of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly...

4.4 CVSS | 7.3 AI score | 0.00337 EPSS
Exploits 0 | References 2
Tenable Nessus
added 2021/06/03 12:0 a.m. | 26 views

EulerOS 2.0 SP9 : nss (EulerOS-SA-2021-1931)

According to the version of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly...

4.4 CVSS | 7.3 AI score | 0.00337 EPSS
Exploits 0 | References 2
PyPA
added 2021/06/02 4:15 p.m. | 4 views

PYSEC-2021-93

An issue was discovered in Pillow before 8.2.0. For EPS data, the readline implementation used in EPSImageFile has to deal with any combination of \r and \n as line endings. It used an accidentally quadratic method of accumulating lines while looking for a line ending. A malicious EPS file could...

7.5 CVSS | 6.9 AI score | 0.02293 EPSS
Exploits 0 | References 4 | Affected Software 1
OSV
added 2021/06/01 9:20 p.m. | 17 views

GHSA-H45P-W933-JXH3 Improper Verification of Cryptographic Signature in aws-encryption-sdk-javascript

Impact This advisory addresses several LOW severity issues with streaming signed messages and restricting processing of certain types of invalid messages. This ESDK supports a streaming mode where callers may stream the plaintext of signed messages before the ECDSA signature is validated. In...

7.2 AI score
Exploits 0 | References 1
OSV
added 2021/06/01 9:18 p.m. | 11 views

GHSA-89V2-G37M-G3FF Improper Verification of Cryptographic Signature in aws-encryption-sdk-cli

Impact This advisory addresses several LOW severity issues with streaming signed messages and restricting processing of certain types of invalid messages. This ESDK supports a streaming mode where callers may stream the plaintext of signed messages before the ECDSA signature is validated. In...

7.2 AI score
Exploits 0 | References 1
OSV
added 2021/06/01 9:17 p.m. | 12 views

GHSA-X5H4-9GQW-942J Improper Verification of Cryptographic Signature in aws-encryption-sdk

Impact This advisory addresses several LOW severity issues with streaming signed messages and restricting processing of certain types of invalid messages. This ESDK supports a streaming mode where callers may stream the plaintext of signed messages before the ECDSA signature is validated. In...

7.2 AI score
Exploits 0 | References 1
Github Security Blog
added 2021/06/01 9:17 p.m. | 44 views

Improper Verification of Cryptographic Signature in aws-encryption-sdk-java

Impact This advisory addresses several LOW severity issues with streaming signed messages and restricting processing of certain types of invalid messages. This update addresses an issue where certain invalid ECDSA signatures incorrectly passed validation. These signatures provide defense in depth...

5.3 CVSS | 5.7 AI score | 0.0021 EPSS
Exploits 0 | References 4 | Affected Software 1
NVD
added 2021/06/01 1:15 p.m. | 18 views

CVE-2021-23020

The NAAS 3.x before 3.10.0 API keys were generated using an insecure pseudo-random string and hashing algorithm which could lead to predictable keys...

5.5 CVSS | 0.00255 EPSS
Exploits 0 | References 1
Cvelist
added 2021/06/01 12:14 p.m. | 25 views

CVE-2021-23020

The NAAS 3.x before 3.10.0 API keys were generated using an insecure pseudo-random string and hashing algorithm which could lead to predictable keys...

5.8 AI score | 0.00255 EPSS
Exploits 0 | References 1
OSV
added 2021/05/31 3:39 p.m. | 8 views

GSD-2021-1000341 net: Only allow init netns to set default tcp cong to a restricted algo

net: Only allow init netns to set default tcp cong to a restricted algo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.37 by commit...

7.2 AI score
Exploits 0
OSV
added 2021/05/31 3:39 p.m. | 15 views

UVI-2021-1000341 net: Only allow init netns to set default tcp cong to a restricted algo

net: Only allow init netns to set default tcp cong to a restricted algo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.37 by commit...

7.2 AI score
Exploits 0
OSV
added 2021/05/31 3:39 p.m. | 13 views

UVI-2021-1000225 net: Only allow init netns to set default tcp cong to a restricted algo

net: Only allow init netns to set default tcp cong to a restricted algo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...

7.2 AI score
Exploits 0
Ubuntu
added 2021/05/31 12:8 p.m. | 158 views

USN-4968-2: LZ4 vulnerability

USN-4968-1 fixed a vulnerability in LZ4. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that LZ4 incorrectly handled certain memory operations. If a user or automated system were tricked into uncompressing a...

9.8 CVSS | 7.4 AI score | 0.03216 EPSS
Exploits 0
CNVD
added 2021/05/27 12:0 a.m. | 7 views

Schneider Electric homeLYnk and spaceLYnk Unauthorized Access Vulnerability

Schneider Electric homeLYnk and spaceLYnk are both automation programming software for different logic controllers from Schneider Electric, France. An unauthorized access vulnerability exists in Schneider Electric homeLYnk and spaceLYnk, which arises from the presence of a broken or dangerous...

9.8 CVSS | 7 AI score | 0.00632 EPSS
Exploits 0 | References 1
NVD
added 2021/05/26 8:15 p.m. | 13 views

CVE-2021-22738

Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in homeLYnk Wiser For KNX and spaceLYnk V2.60 and prior that could cause unauthorized access when credentials are discovered after a brute force attack...

9.8 CVSS | 0.00632 EPSS
Exploits 0 | References 1
Prion
added 2021/05/26 8:15 p.m. | 19 views

Design/Logic Flaw

Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in homeLYnk Wiser For KNX and spaceLYnk V2.60 and prior that could cause unauthorized access when credentials are discovered after a brute force attack...

5 CVSS | 9.3 AI score | 0.00632 EPSS
Exploits 0 | References 1 | Affected Software 2
Cvelist
added 2021/05/26 7:19 p.m. | 16 views

CVE-2021-22738

Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in homeLYnk Wiser For KNX and spaceLYnk V2.60 and prior that could cause unauthorized access when credentials are discovered after a brute force attack...

9.6 AI score | 0.00632 EPSS
Exploits 0 | References 1
CVE
added 2021/05/26 7:19 p.m. | 62 views

CVE-2021-22738

CVE-2021-22738 affects Schneider Electric homeLYnk and spaceLYnk (versions up to and including 2.60). The root cause is use of a broken or risky cryptographic algorithm that could allow unauthorized access after credentials are discovered via brute force. The Red Hat, CNVD, CVE/NVD entries corrob...

9.8 CVSS | 9.3 AI score | 0.00632 EPSS
Exploits 0 | References 1 | Affected Software 1