2261 matches found
CVE-2019-4540
IBM Security Directory Server 6.4.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 165813...
Code injection
IBM Security Directory Server 6.4.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 165813...
CVE-2019-4540
IBM Security Directory Server 6.4.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 165813...
PCFG Cracker - Probabilistic Context Free Grammar (PCFG) Password Guess Generator
PCFG = Probabilistic Context Free Grammar PCFG = Pretty Cool Fuzzy Guesser In short: A collection of tools to perform research into how humans generate passwords. These can be used to crack password hashes, but also create synthetic passwords honeywords, or help develop better password strength...
Trolls-For-Hire Pave Way For Sophisticated Social Media Hacks
NEW ORLEANS – Researchers have observed the blossoming of a new type of social media nuisance they are calling Trolling-as-a-Service. They say these rabble-rousing efforts have emerged as a clever new way for hackers to launch coordinated and dangerous attacks via Facebook and Twitter. Speaking a...
Code injection
IBM Security Secret Server 10.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 170045...
CVE-2019-4639
CVE-2019-4639 affects IBM Security Secret Server. Multiple sources confirm that 10.7 uses weaker-than-expected cryptographic algorithms, potentially allowing an attacker to decrypt highly sensitive information. IBM’s security bulletin states the issue has been addressed in release 10.7.000059, wi...
DEBIAN-CVE-2015-0294
GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate...
Security Bulletin: A Security Vulnerability Has Been Identified In IBM Security Secret Server (CVE-2019-4639)
Summary A security vulnerability identified on IBM Security Secret Server has been addressed in the release 10.7.000059. Vulnerability Details CVEID: CVE-2019-4639 DESCRIPTION: IBM Security Secret Server uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt...
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2020-1021)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OpenSSL 1.0.2 < 1.0.2u Vulnerability
The version of OpenSSL installed on the remote host is prior to 1.0.2u. It is, therefore, affected by a vulnerability as referenced in the 1.0.2u advisory. - There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are...
The vulnerability of the FortiSIEM security management system, related to the use of cryptographic algorithms containing defects, allows attackers to gain unauthorized access to protected information.
The vulnerability of the FortiSIEM security management system is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
Updated openssl packages fix security vulnerability
Updated compat-openssl10 and openssl packages fix security vulnerability: There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and...
EulerOS 2.0 SP8 : openssl (EulerOS-SA-2020-1021)
According to the version of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An integer overflow was found in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. As per upstream: No EC...
Security Bulletin: IBM API Connect is potentially impacted by weak cryptographic algorithms(CVE-2019-4609)
Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-4609 DESCRIPTION: IBM API Connect uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. CVSS Base score: 5.9 CVSS Temporal...
CVE-2019-19397
There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks...
Design/Logic Flaw
There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks...
CVE-2019-1551
There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are...
Buffer overflow
There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are...
CVE-2019-1551
There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are...