2877 matches found

Microsoft Malware Protection
added 2022/01/04 5:0 p.m., 20 views

What you need to know about how cryptography impacts your security strategy

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest post of our Voice of the Community blog series, Microsoft Security Product Marketing Manager Natalia Godyla talks with Taurus SA Co-founder...

7.1 AI score
Exploits: 0
ATTACKERKB
added 2021/12/21 7:15 a.m., 4 views

CVE-2021-45450

In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_generate_iv and psa_cipher_encrypt allow policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application...

7.5 CVSS, 7.3 AI score, 0.01131 EPSS
Exploits: 0, References: 8
Positive Technologies
added 2021/12/18 12:0 a.m., 4 views

PT-2021-24238

Name of the Vulnerable Software and Affected Versions: Mbed TLS versions prior to 2.28.0; Mbed TLS versions 3.x prior to 3.1.0. Description: The issue allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application, specifically...

7.5 CVSS, 7.3 AI score, 0.01131 EPSS
Exploits: 0, References: 32
IBM Security Bulletins
added 2021/12/15 6:5 p.m., 36 views

Security Bulletin: Vulnerability in RC4 stream cipher affects Multiple N-series Products (CVE-2015-2808)

Summary: The RC4 “Bar Mitzvah” Attack for SSL/TLS affects Multiple N-series Products. Vulnerability Details: CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit thi...

5 CVSS, 4.8 AI score, 0.74006 EPSS
Exploits: 0, Affected Software: 1
IBM Security Bulletins
added 2021/12/15 6:5 p.m., 37 views

Security Bulletin: TLS Protocol 64-bit Cipher Vulnerability in Multiple N series Products (CVE-2016-2183)

Summary: Multiple N series products utilize the TLS protocol. Any system using the TLS protocol with 64-bit block ciphers that are used in long running connections are vulnerable to a birthday attack referred to as SWEET32. When exploited, the vulnerability may lead to the unauthorized disclosure ...

7.5 CVSS, 0.3 AI score, 0.95707 EPSS
Exploits: 7, Affected Software: 1
Kitploit
added 2021/12/11 8:30 p.m., 30 views

CaptfEncoder - An Extensible Cross Platform Network Security Tool Suite

CaptfEncoder is an extensible cross platform network security tool suite, providing network security related code conversion, classical cryptography, cryptography, asymmetric encryption, special coding, miscellaneous tools, and aggregating all kinds of online tools. CaptfEncoder all functions...

7.5 AI score
Exploits: 0, References: 3
Ivan 'd0znpp' Novikov
added 2021/12/03 8:4 a.m., 30 views

What is AES Advanced Encryption Standard ❓

In any case, AES cipher is the famous framework that aids in digital encoding facts making use of a maintained 128-digit, 192-piece, or 256-cycle symmetric encryption estimate from the Advanced Encryption Standard AES, additionally called FIPS 197. The AES is a PC protection general for obtaining...

7.2 AI score
Exploits: 0
RedHat Linux
added 2021/11/30 2:28 p.m., 5 views

openssl: integer overflow in CipherUpdate

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...

7.5 CVSS, 6.9 AI score, 0.50732 EPSS
Exploits: 0, References: 5
Tenable Nessus
added 2021/11/18 12:0 a.m., 103 views

Palo Alto Networks PAN-OS 8.1.x < 8.1.0 / 9.0.x < 9.0.0 / 9.1.x < 9.1.0 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x prior to 8.1.0 or 9.0.x prior to 9.0.0 or 9.1.x prior to 9.1.0. It is, therefore, affected by a vulnerability. - In versions of Palo Alto Networks PAN-OS software earlier than PAN-OS 10.0, the DHE cipher available for us...

4.3 CVSS, 6.4 AI score, 0.04803 EPSS
Exploits: 0, References: 5
OpenVAS
added 2021/11/18 12:0 a.m., 31 views

openSUSE: Security Advisory for java-11-openjdk (openSUSE-SU-2021:1480-1)

The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.1 CVSS, 6.8 AI score, 0.14839 EPSS
Exploits: 0, References: 2
OSV
added 2021/11/17 9:19 a.m., 13 views

OPENSUSE-SU-2021:1480-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Update to 11.0.13+8 October 2021 CPU - CVE-2021-35550, bsc1191901: Update the default enabled cipher suites preference - CVE-2021-35565, bsc1191909: com.sun.net.HttpsServer spins on TLS session close - CVE-2021-35556, bsc1191910: Richer...

7.1 CVSS, 5.7 AI score, 0.14839 EPSS
Exploits: 0, References: 21
OPENSUSE Linux
added 2021/11/16 12:0 a.m., 78 views

Security update for java-11-openjdk (important)

openSUSE Security Update: Security update for java-11-openjdk Announcement ID: openSUSE-SU-2021:3671-1 Rating: important References: 1191901 1191903 1191904 1191906 1191909 1191910 1191911 1191912 1191913 1191914 Cross-References: CVE-2021-35550 CVE-2021-35556 CVE-2021-35559 CVE-2021-35561...

6.8 CVSS, 6.4 AI score, 0.14839 EPSS
Exploits: 0, References: 10
RedHat Linux
added 2021/11/10 5:20 p.m., 4 views

openssl: integer overflow in CipherUpdate

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...

7.5 CVSS, 6.9 AI score, 0.50732 EPSS
Exploits: 0, References: 5
RedHat Linux
added 2021/11/09 6:42 p.m., 3 views

golang: crypto/tls: certificate of wrong type is causing TLS client to panic

A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate's private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists or can be issued, or the client is configured with...

6.5 CVSS, 7.1 AI score, 0.07032 EPSS
Exploits: 1, References: 6
RedHat Linux
added 2021/11/09 6:33 p.m., 3 views

openssl: integer overflow in CipherUpdate

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...

7.5 CVSS, 6.9 AI score, 0.50732 EPSS
Exploits: 0, References: 5
RedHat Linux
added 2021/11/09 6:8 p.m., 8 views

openssl: integer overflow in CipherUpdate

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...

7.5 CVSS, 6.9 AI score, 0.50732 EPSS
Exploits: 0, References: 5
ALT Linux
added 2021/11/08 12:0 a.m., 37 views

Security fix for the ALT Linux 10 package java-11-openjdk version 0:11.0.13.8-alt1_1jpp11

0:11.0.13.8-alt1_1jpp11 built Nov. 8, 2021 Andrey Cherepanov in task 287838 Oct. 23, 2021 Andrey Cherepanov - New version. - Security fixes: + CVE-2021-35550 Update the default enabled cipher suites preference + CVE-2021-35565 com.sun.net.HttpsServer spins on TLS session close + CVE-2021-35556...

7.1 CVSS, 6.3 AI score, 0.14839 EPSS
Exploits: 0
VulnCheck KEV
added 2021/11/03 12:0 a.m., 2 views

VulnCheck KEV: CVE-2016-4437

Apache Shiro contains a vulnerability which may allow remote attackers to execute code or bypass intended access restrictions via an unspecified request parameter when a cipher key has not been configured for the "remember me" feature...

9.8 CVSS, 7.3 AI score, 0.93143 EPSS
Exploits: 9, References: 1
CISA KEV Catalog
added 2021/11/03 12:0 a.m., 27 views

Apache Shiro Code Execution Vulnerability

Apache Shiro contains a vulnerability which may allow remote attackers to execute code or bypass intended access restrictions via an unspecified request parameter when a cipher key has not been configured for the "remember me" feature...

9.8 CVSS, 8.3 AI score, 0.93143 EPSS
In wild, Exploits: 9
OpenVAS
added 2021/11/02 12:0 a.m., 17 views

OpenLDAP 2.4.x Weak Cipher Vulnerability

OpenLDAP is prone to a weak cipher vulnerability. Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5 CVSS, 7.5 AI score, 0.05333 EPSS
Exploits: 0, References: 1