CVE-2022-43851

CVE-2022-43851 affects IBM Aspera Console, specifically versions 3.4.0 through 3.4.4. The root cause is the use of weaker-than-expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information. Remediation provided in the documents is to upgrade to IBM Asper...

PT-2025-16268 · Ibm · Ibm Aspera Console

Name of the Vulnerable Software and Affected Versions: IBM Aspera Console versions 3.4.0 through 3.4.4 Description: The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information. Recommendations: For IBM...

The vulnerability of the Python RSA cryptographic library, which stems from the use of cryptographic algorithms with defects, allows a perpetrator to gain access to confidential data.

The vulnerability of the Python RSA cryptographic library is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow a malicious actor to gain access to confidential data remotely...

[SECURITY] Fedora 40 Update: perl-Data-Entropy-0.008-1.fc40

This module maintains a concept of a current selection of entropy source. Algorithms that require entropy, such as those in Data::Entropy::Algorithms, can use the source nominated by this module, avoiding the need for entropy source objects to be explicitly passed around. This is convenient becau...

RHEL 9 : libgcrypt (RHSA-2025:3530)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3530 advisory. The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. Security Fixes: libgcrypt: vulnerable to Marvin...

Moderate: Red Hat Security Advisory: libgcrypt security update

An update for libgcrypt is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

Fedora 40 : libssh2 (2025-aaa849ae74)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-aaa849ae74 advisory. This update, to the current upstream libssh2 release, addresses a couple of security issues: CVE-2023-6918 missing checks for return values for...

Security Bulletin: Security vulnerability has been fixed in IBM Security Verify Governance, Identity Manager virtual appliance component

Summary IBM Security Verify Governance, Identity Manager virtual appliance component has addressed the following vulnerability. Vulnerability Details CVEID:CVE-2022-22461 DESCRIPTION: IBM Security Verify Governance uses weaker than expected cryptographic algorithms that could allow an attacker to...

Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related IBM WebSphere Application Server Liberty and FasterXML jackson-databind

Summary Vulnerabilities in IBM WebSphere Application Server Liberty and FasterXML jackson-databind such as HTTP header injection, identity spoofing, denial of service may affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2022-34165 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0...

Security Bulletin: Multiple vulnerabilities affect IBM Sterling Secure Proxy (CVE-2021-2163, CVE-2022-34361)

Summary A java vulnerability and an exposure of weak TLS ciphers affect IBM Sterling Secure Proxy. Vulnerability Details CVEID:CVE-2021-2163 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality...

CVE-2024-31896

IBM SPSS Statistics 26.0, 27.0.1, 28.0.1, and 29.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

CVE-2024-31896 IBM SPSS Statistics information disclosure

IBM SPSS Statistics 26.0, 27.0.1, 28.0.1, and 29.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

CVE-2024-31896 IBM SPSS Statistics information disclosure

IBM SPSS Statistics 26.0, 27.0.1, 28.0.1, and 29.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

CVE-2024-31896

CVE-2024-31896 affects IBM SPSS Statistics versions 26.0, 27.0.1, 28.0.1, and 29.0.2. The issue stems from the use of weaker cryptographic algorithms (notably SHA-1 cipher suites), which could allow an attacker to decrypt highly sensitive information. The IBM security bulletin notes the vulnerabi...

ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.44.0.3), ai.h2o:h2o-algos (>=3.2.0.1 <=3.44.0.3) +34 more potentially affected by CVE-2024-8062 via ai.h2o:h2o-core (>=3.2.0.1 <=3.44.0.3)

ai.h2o:h2o-core MAVEN version =3.2.0.1, =3.34.0.1, =3.2.0.1, =3.2.0.1, =3.30.0.1, =3.30.0.1, =3.30.0.1, =3.30.0.1, =3.30.0.1, =3.30.1.1, =3.30.0.1, =3.30.0.1, =3.30.0.1, =3.30.0.1, =3.34.0.3, =3.30.0.1, =3.44.0.3 and more Source cves: CVE-2024-8062 Source advisory: OSV:GHSA-5C8J-G96X-CJ78...

ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.11), ai.h2o:h2o-algos (>=0.1.9 <=3.46.0.11) +44 more potentially affected by CVE-2024-10553 via ai.h2o:h2o-core (>=0.1.9 <=3.46.0.5)

ai.h2o:h2o-core MAVEN version =0.1.9, =3.34.0.1, =0.1.9, =0.1.9, =3.12.0.1, =3.10.0.1, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.11 and more Source cves: CVE-2024-10553 Source advisory: OSV:GHSA-H7XG-CMPP-48HF...

libgcrypt security update

An update is available for libgcrypt. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libgcrypt library provides general-purpose implementations of various...

The vulnerability of the IBM Security QRadar EDR endpoint protection mechanism, which stems from the use of cryptographic algorithms containing defects, allows attackers to gain unauthorized access to protected information.

The vulnerability of the IBM Security QRadar EDR endpoint protection mechanism lies in the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...

CVE-2024-45643

IBM Security QRadar 3.12 EDR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive credential information...

Fedora 41 : libssh2 (2025-9cee4b3ac0)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-9cee4b3ac0 advisory. This update, to the current upstream libssh2 release, addresses a couple of security issues: CVE-2023-6918 missing checks for return values for...