EUVD-2017-12853

Malware in sbrugna...

EUVD-2016-7935

Malware in sbrugna...

CVE-2019-0163

Insufficient input validation in system firmware for IntelR Broadwell U i5 vPro before version MYBDWi5v.86A may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access...

K43570545: OpenSSL vulnerability CVE-2016-7055

Security Advisory Description There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private...

K14363514: OpenSSL vulnerability CVE-2017-3736

Security Advisory Description There is a carry propagating bug in the x8664 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perfo...

SUSE CVE-2016-7055

There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is...

Mageia: Security Advisory (MGASA-2018-0322)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:0581-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:0006-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-0543

Incomplete cleanup from specific special register read operations in some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access...

Huawei Data Communication: OpenSSL Montgomery multiplication may produce incorrect results Vulnerability (huawei-sa-20170419-01-openssl)

There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure that handles input lengths divisible by, but longer than 256 bits. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...

Security Bulletin: OpenSSLにある複数の脆弱性のWebSphere Message BrokerとIBM Integration Busへの影響について

Summary OpenSSLの脆弱性について、OpenSSL Projectより2016年 9月22日、9月26日、11月10日にそれぞれ公表されております。WebSphere Message BrokerならびにIBM Integration Busにて使用されているDataDirect ODBC ドライバーに対して該当するCVEがあり、対処しております。 Vulnerability Details 最新の情報は下記の文書（英語）をご参照ください。 Security Bulletin: Multiple vulnerabilities in OpenSSL affect...

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2018-1179)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-7055

There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is...

Security Bulletin: Vulnerabilities in SSL affect IBM DataPower Gateways (CVE-2017-3731, CVE-2016-7055)

Summary Two potential denial of service vulnerabilities have been reported by the OpenSSL project. IBM DataPower Gateways has addressed the applicable CVEs. Vulnerability Details Relevant CVE Information: CVEID: CVE-2017-3731 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an...

SUSE SLED12 / SLES12 Security Update : ucode-intel (SUSE-SU-2019:1296-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

This update for ucode-intel fixes the following issues : ucode-intel was updated to official QSR 2019.1 microcode release bsc1111331 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 ---- new platforms ---------------------------------------- VLV C0 6-37-8/02 00000838 Atom Z series VLV ...

SUSE-SU-2019:1296-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: ucode-intel was updated to official QSR 2019.1 microcode release bsc1111331 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 ---- new platforms ---------------------------------------- VLV C0 6-37-8/02 00000838 Atom Z series VLV C...

CVE-2019-0163

Insufficient input validation in system firmware for IntelR Broadwell U i5 vPro before version MYBDWi5v.86A may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access...

Input validation

Insufficient input validation in system firmware for IntelR Broadwell U i5 vPro before version MYBDWi5v.86A may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access...

CVE-2019-0163

Insufficient input validation in system firmware for IntelR Broadwell U i5 vPro before version MYBDWi5v.86A may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access...