Lucene search
K

2877 matches found

OpenVAS
OpenVAS
added 2021/11/02 12:0 a.m.18 views

OpenLDAP < 2.4.32 Weak Cipher Vulnerability

OpenLDAP is prone to a weak cipher vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

4.3CVSS9.4AI score0.04114EPSS
Exploits0References1
OSV
OSV
added 2021/10/27 7:23 a.m.5 views

SUSE-SU-2021:3528-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Update to 11.0.13+8 October 2021 CPU - CVE-2021-35550, bsc1191901: Update the default enabled cipher suites preference - CVE-2021-35565, bsc1191909: com.sun.net.HttpsServer spins on TLS session close - CVE-2021-35556, bsc1191910: Richer...

7.1CVSS5.8AI score0.14839EPSS
Exploits0References21
BDU FSTEC
BDU FSTEC
added 2021/10/27 12:0 a.m.6 views

The vulnerability of the NSS network security application library package, related to the allocation of unlimited memory, allows a attacker to cause a service failure.

The vulnerability of the NSS application security library package is related to the allocation of unlimited memory during the processing of ChangeCipherSpec messages. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

7.5CVSS7.2AI score0.03854EPSS
Exploits0References6Affected Software2
OSV
OSV
added 2021/10/19 7:15 p.m.2 views

CVE-2021-31352

An Information Exposure vulnerability in Juniper Networks SRC Series devices configured for NETCONF over SSH permits the negotiation of weak ciphers, which could allow a remote attacker to obtain sensitive information. A remote attacker with read and write access to network data could exploit thi...

5.3CVSS5.8AI score0.00808EPSS
Exploits1References1
Palo Alto Networks
Palo Alto Networks
added 2021/10/13 4:0 p.m.71 views

PAN-OS: Impact of the Raccoon Attack Vulnerability CVE-2020-1968

In versions of Palo Alto Networks PAN-OS software earlier than PAN-OS 10.0, the DHE cipher available for use in traffic decryption improperly shares a cryptographic secret across multiple TLS connections, which weakens its cryptographic strength. This is a prerequisite for successful exploitation...

3.7CVSS2.4AI score0.04803EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2021/10/12 4:13 p.m.4 views

openssl: integer overflow in CipherUpdate

Calls to EVPCipherUpdate, EVPEncryptUpdate and EVPDecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...

7.5CVSS6.9AI score0.50732EPSS
Exploits0References5
Mageia
Mageia
added 2021/10/02 6:57 p.m.129 views

Updated python-rsa packages fix security vulnerability

It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA. CVE-2020-25658...

7.5CVSS3.7AI score0.01631EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2021/09/21 10:6 a.m.4 views

nss: TLS 1.3 CCS flood remote DoS Attack

A flaw was found in the way NSS handled CCS ChangeCipherSpec messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability...

7.5CVSS7.3AI score0.03854EPSS
Exploits0References5
Filippo.io
Filippo.io
added 2021/09/15 10:0 p.m.19 views

Automatic Cipher Suite Ordering in crypto/tls

This is the first article I wrote for the Go blog !! about how TLS cipher suites configuration got so complicated, and how weve made it way easier in Go 1.17. The Go standard library provides crypto/tls, a robust implementation of Transport Layer Security TLS, the most important security protocol...

6.4AI score
Exploits0
OpenVAS
OpenVAS
added 2021/09/15 12:0 a.m.28 views

Huawei EulerOS: Security Advisory for ImageMagick (EulerOS-SA-2021-2385)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7AI score0.03498EPSS
Exploits1References2
Schneier on Security
Schneier on Security
added 2021/09/03 3:19 p.m.26 views

History of the HX-63 Rotor Machine

Jon D. Paul has written the fascinating story of the HX-63, a super-complicated electromechanical rotor cipher machine made by Crypto AG...

1.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2021/08/26 3:23 p.m.3 views

golang: crypto/tls: certificate of wrong type is causing TLS client to panic

A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate's private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists or can be issued, or the client is configured with...

6.5CVSS7.1AI score0.07032EPSS
Exploits1References6
Cvelist
Cvelist
added 2021/08/12 9:13 p.m.15 views

CVE-2020-36363

Amazon AWS CloudFront TLSv1.22019 allows TLSECDHERSAWITHAES128CBCSHA256 and TLSECDHERSAWITHAES256CBCSHA384, which some entities consider to be weak ciphers...

9.5AI score0.00706EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2021/08/12 12:0 a.m.68 views

nodejs:14 security, bug fix, and enhancement update

nodejs 1:14.17.3-2 - Resolves: RHBZ1980032, RHBZ1978203 - Resolves RHBZ1842826 - Don't use patch3 1:14.17.3-1 - Resolves: RHBZ1980032, RHBZ1978203 - Resolves RHBZ1842826 - Resolves CVE-2021-22918libuv, use system cipher list 1:14.16.0-3 - Resolves: RHBZ1930775 - Always build with systemtap...

7.5CVSS0.9AI score0.23132EPSS
Exploits3
RedHat Linux
RedHat Linux
added 2021/08/11 5:14 a.m.3 views

golang: crypto/tls: certificate of wrong type is causing TLS client to panic

A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate's private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists or can be issued, or the client is configured with...

6.5CVSS7.1AI score0.07032EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2021/08/10 4:13 p.m.2 views

golang: crypto/tls: certificate of wrong type is causing TLS client to panic

A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate's private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists or can be issued, or the client is configured with...

6.5CVSS7.1AI score0.07032EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2021/08/05 10:56 a.m.4 views

golang: crypto/tls: certificate of wrong type is causing TLS client to panic

A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate's private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists or can be issued, or the client is configured with...

6.5CVSS7.1AI score0.07032EPSS
Exploits1References6
Amazon
Amazon
added 2021/08/05 12:0 a.m.57 views

Medium: golang

Issue Overview: A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files. CVE-2021-33196 A flaw was found in golang. A panic can be triggered by an attacker in a privileged netwo...

7.5CVSS6.7AI score0.07032EPSS
Exploits2
IBM Security Bulletins
IBM Security Bulletins
added 2021/07/28 1:30 p.m.33 views

Security Bulletin: Multiple vulnerabilities in OpenSSL affects IBM InfoSphere Information Server

Summary Multiple vulnerabilities in OpenSSL used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID: CVE-2021-23840 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an integer overflow in CipherUpdate. By sending an overly long argument, an attack...

7.5CVSS8.2AI score0.50732EPSS
Exploits1Affected Software1
NVD
NVD
added 2021/07/26 5:15 p.m.23 views

CVE-2021-32791

modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In modauthopenidc before version 2.4.9, the AES GCM encryption in modauthopenidc uses a static IV and...

5.9CVSS0.01503EPSS
Exploits0References7
Rows per page
Query Builder