Security Bulletin: EDB PGAI Hybrid Management with IBM is affected by Multiple Vulnerabilities.

Summary Multiple Vulnerabilities found in EDB PGAI products - 1 EDB PGAI AI Factory with IBM 1.3.0, 2 EDB PGAI Analytics Accelerator 1.3.0, and 3 EDB PGAI Hybrid Data Management 1.3.0. The vulnerabilities have been addressed in 1.3.4 version. Hence, IBM strongly recommends upgrading to 1.3.4...

OpenSSL 3.4.0 < 3.4.4 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.4.4. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.4.4 advisory. - Issue summary: If an application using the SSLCIPHERfind function in a QUIC protocol client or server receives an unknown cipher sui...

Linux Distros Unpatched Vulnerability : CVE-2022-3358

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSSL supports creating a custom cipher via the legacy EVPCIPHERmethnew function and associated function calls. This function was deprecated in OpenSSL 3.0 an...

JSA10628 - 2014-06 Security Bulletin: Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS): Weak SSL cipher allowed unexpectedly when higher level cipher group is configured (CVE-2014-3812)

Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. A weak cipher issue has been discovered on the Pulse Connect Secure PCS and Pulse Policy Secure PPS devices. When configuring the device to use a higher level cipher setting, a lower...

CVE-2016-3099

CVE-2016-3099 affects the mod_ns/mod_nss module used by Red Hat Enterprise Linux Desktop/Server/HPC/Workstation 7, where an attacker can force the use of certain ciphers that were not intended to be enabled. The vulnerability stems from the cipher handling in mod_ns, enabling network-exposed abus...