
115 matches found

CNVD
added 2020/04/09 12:0 a.m. · 2 views

Samsung Mobile Device Encryption Issue Vulnerability

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance (OHA for short). Samsung mobile devices suffer from a cryptographic issue vulnerability that can be exploited by an attacker to launch a caching attack against Keymaster AES-GCM...

CVSS 9.8 · AI score 6.8 · EPSS 0.00275
Exploits: 0 · References: 1
OSV
added 2020/01/10 10:1 a.m. · 7 views

SUSE-SU-2020:0063-1 Security update for nodejs10

This update for nodejs10 to version 10.18.0 fixes the following issues: Security issues fixed: - CVE-2019-16777, CVE-2019-16776, CVE-2019-16775: Updated npm to 6.13.4, fixing an arbitrary path overwrite and access via 'bin' field bsc1159352. - Added support for chacha20-poly1305 for Authenticated...

CVSS 8.1 · AI score 7.8 · EPSS 0.03342
Exploits: 0 · References: 7
Fedora
added 2018/09/21 5:38 a.m. · 26 views

[SECURITY] Fedora 29 Update: python-pycryptodomex-3.6.6-1.fc29

PyCryptodome is a self-contained Python package of low-level cryptographic primitives. It's a fork of PyCrypto. It brings several enhancements with respect to the last official version of PyCrypto 2.6.1, for instance: Authenticated encryption modes GCM, CCM, EAX, SIV, OCB Accelerated AES on Intel...

CVSS 7.5 · AI score 0.9 · EPSS 0.0174
Exploits: 1
n0where
added 2018/08/23 4:23 p.m. · 20 views

Offensive and Defensive Cryptography: Crypton

Crypton is an educational library to learn and practice Offensive and Defensive Cryptography. It is basically a collection of explanation and implementation of all the existing vulnerabilities and attacks on various Encryption Systems (Symmetric and Asymmetric), Digital Signatures, Message...

AI score 1.4
Exploits: 0 · References: 1
Schneier on Security
added 2018/05/03 11:42 a.m. · 123 views

LC4: Another Pen-and-Paper Cipher

Interesting symmetric cipher: LC4: Abstract: ElsieFour (LC4) is a low-tech cipher that can be computed by hand; but unlike many historical ciphers, LC4 is designed to be hard to break. LC4 is intended for encrypted communication between humans only, and therefore it encrypts and decrypts plaintexts...

AI score 0.8
Exploits: 0
Qualys Blog
added 2018/02/03 2:0 a.m. · 88 views

SSL Labs Grading Update: Forward Secrecy, Authenticated Encryption and ROBOT

Update March 1, 2018: The completion of these changes is documented under Version 1.31.0 in the SSL Labs Changelog. We are giving advance notification for following grading criteria changes applying from March 1, 2018: Not using forward secrecy, not using AEAD suites, and vulnerability to ROBOT...

AI score 6.8
Exploits: 0
Positive Technologies
added 2017/12/22 12:0 a.m. · 6 views

PT-2017-3585 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.14.13 Description: The issue is related to errors in resource management within the Parallel Crypto Engine (crypto/pcrypt.c) subsystem of the Linux operating system. It can be exploited by executing a specially...

CVSS 7.8 · AI score 6.8 · EPSS 0.30052
Exploits: 26 · References: 165
Fedora
added 2017/12/10 8:15 p.m. · 14 views

[SECURITY] Fedora 26 Update: borgbackup-1.1.3-1.fc26

BorgBackup (short: Borg) is a deduplicating backup program. Optionally, it supports compression and authenticated encryption...

CVSS 8.8 · AI score 1.8 · EPSS 0.01938
Exploits: 0
Fedora
added 2017/12/10 7:20 p.m. · 22 views

[SECURITY] Fedora 27 Update: borgbackup-1.1.3-1.fc27

BorgBackup (short: Borg) is a deduplicating backup program. Optionally, it supports compression and authenticated encryption...

CVSS 8.8 · AI score 1.8 · EPSS 0.01938
Exploits: 0
Fedora
added 2016/08/29 6:57 p.m. · 11 views

[SECURITY] Fedora 24 Update: borgbackup-1.0.7-1.fc24

BorgBackup (short: Borg) is a deduplicating backup program. Optionally, it supports compression and authenticated encryption...

AI score 1.8
Exploits: 0
Fedora
added 2016/08/29 8:9 a.m. · 16 views

[SECURITY] Fedora 25 Update: borgbackup-1.0.7-1.fc25

BorgBackup (short: Borg) is a deduplicating backup program. Optionally, it supports compression and authenticated encryption...

AI score 1.8
Exploits: 0
OSV
added 2015/02/11 8:47 p.m. · 6 views

MGASA-2015-0064 Updated owasp-esapi-java packages fix CVE-2013-5679

Updated owasp-esapi-java packages fix security vulnerability: The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API (ESAPI) for Java 2.x before 2.1.0 does not properly resist tampering with serialized ciphertext, which makes it easier f...

CVSS 2.6 · AI score 6.5 · EPSS 0.02426
Exploits: 1 · References: 3
Mageia
added 2015/02/11 8:47 p.m. · 49 views

Updated owasp-esapi-java packages fix CVE-2013-5679

Updated owasp-esapi-java packages fix security vulnerability: The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API (ESAPI) for Java 2.x before 2.1.0 does not properly resist tampering with serialized ciphertext, which makes it easier f...

CVSS 2.6 · AI score 3.5 · EPSS 0.02426
Exploits: 1 · References: 2
Cvelist
added 2013/09/30 10:0 a.m. · 32 views

CVE-2013-5679

The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API (ESAPI) for Java 2.x before 2.1.0 does not properly resist tampering with serialized ciphertext, which makes it easier for remote attackers to bypass intended cryptographic protectio...

AI score 9.2 · EPSS 0.02426
Exploits: 1 · References: 4
CVE
added 2013/09/30 10:0 a.m. · 84 views

CVE-2013-5960

CVE-2013-5960 affects OWASP ESAPI for Java (authenticated-encryption in the symmetric-encryption implementation) and could allow remote bypass of cryptographic protections through tampering of serialized ciphertext in non-default cipher-mode configurations. IBM Sterling B2B Integrator bulletin co...

CVSS 5.8 · AI score 6.4 · EPSS 0.01655
Exploits: 1 · References: 7 · Affected Software: 1