Lucene search
K

85 matches found

UbuntuCve
UbuntuCve
added 2020/02/24 5:15 p.m.34 views

CVE-2012-0785

Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack."...

7.8CVSS7.1AI score0.03351EPSS
Exploits0References3
Cvelist
Cvelist
added 2020/02/24 4:54 p.m.30 views

CVE-2012-0785

Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack."...

7.4AI score0.03351EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/24 7:27 a.m.21 views

Security Bulletin: Multiple Security Vulnerabilities exist in IBM Cognos TM1

Summary Several vulnerabilities have been addressed for: IBM SDK Java Technology Edition Quarterly CPU Oct 2015, including Oracle Oct 2015 CPU; IBM SDK Java Technology Edition Quarterly CPU Jan 2016, including Oracle Jan 2016 CPU; Java specific SLOTH Weak MD5 Signature Hash; and several OpenSSL...

10CVSS1AI score0.44016EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/05 12:53 a.m.32 views

Security Bulletin: Vulnerability in MD5 Signature and Hash Algorithm affects Sterling Integrator and Sterling File Gateway (CVE-2015-7575)

Summary The MD5 “SLOTH” vulnerability on TLS 1.2 affects Sterling Integrator and Sterling File Gateway. Vulnerability Details CVEID: CVE-2015-7575 DESCRIPTION: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a...

5.9CVSS0.7AI score0.0288EPSS
Exploits0Affected Software1
Schneier on Security
Schneier on Security
added 2020/01/08 3:38 p.m.33 views

New SHA-1 Attack

There's a new, practical, collision attack against SHA-1: In this paper, we report the first practical implementation of this attack, and its impact on real-world security with a PGP/GnuPG impersonation attack. We managed to significantly reduce the complexity of collisions attack against SHA-1: ...

0.5AI score
Exploits0
Fortinet
Fortinet
added 2019/06/04 12:0 a.m.39 views

Protect

Server Message Block SMB 1.0 - a legacy file and print sharing protocol - has been deprecated by Microsoft due to multiple weaknesses remote code execution, downgrade, man-in-the-middle, collision and pre-image attack...

7AI score
Exploits0Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 2:25 a.m.34 views

Security Bulletin: Vulnerability in MD5 Signature and Hash Algorithm affects IBM Flex System FC5022 16Gb SAN Scalable Switch (CVE-2015-7575)

Summary The MD5 "SLOTH" vulnerability on TLS 1.2 affects IBM Flex System FC5022 16Gb SAN Scalable Switch. Vulnerability Details Summary The MD5 "SLOTH" vulnerability on TLS 1.2 affects IBM Flex System FC5022 16Gb SAN Scalable Switch. Vulnerability Details: CVE-ID: CVE-2015-7575 Description: The T...

5.9CVSS0.4AI score0.0288EPSS
Exploits0Affected Software1
Veracode
Veracode
added 2019/01/15 8:52 a.m.19 views

Hash Collision Attack

The SBLIM CIM Client is susceptible to hash collision attack. Since it uses HashMap to parse XML inputs, it allows the attacker to predict hashes and input malicious CIM-XML message from a WBEM Web-Based Enterprise Management server, causing high CPU consumption...

5CVSS6AI score0.01857EPSS
Exploits0References7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/03 4:23 a.m.26 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Developer for i, Rational Developer for AIX and Linux, Rational Developer for Power Systems Software

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6, 7, and 8 that are used by Rational Developer for i, Rational Developer for AIX and Linux, Rational Developer for Power Systems Software CVE-2015-7575, CVE-2016-0466, CVE-2016-0475, CVE-2016-0448. These...

5.9CVSS0.3AI score0.05453EPSS
Exploits0Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:17 p.m.23 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation Application Manager (CVE-2016-0466, CVE-2015-7575, CVE-2016-0448)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 that is used by IBM Tivoli System Automation Application Manager. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability commonly referred to as...

5.9CVSS0.7AI score0.05453EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:17 p.m.24 views

Security Bulletin: Vulnerability in IBM Java Runtime affects Tivoli Storage Manager Operations Center and Tivoli Storage Manager Client Management Service (CVE-2015-7575)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, Version 8.0.2.1 that is used by Tivoli Storage Manager Operations Center and Tivoli Storage Manager Client Management Service. This vulnerability, commonly referred to as “SLOTH”, was disclosed as part of the I...

5.9CVSS0.8AI score0.0288EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:17 p.m.31 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Operations Analytics - Predictive Insights (CVE-2015-7575)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 Service Refresh 9 Fix Pack 20 that is used by IBM Operations Analytics - Predictive Insights. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability...

5.9CVSS0.6AI score0.0288EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:15 p.m.38 views

Security Bulletin: Vulnerability in MD5 Signature and Hash Algorithm affects IBM MessageSight (CVE-2015-7575)

Summary The MD5 “SLOTH” vulnerability on TLS 1.2 affects IBM MessageSight. Vulnerability Details CVEID: CVE-2015-7575 DESCRIPTION: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message durin...

5.9CVSS1AI score0.0288EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 12:14 p.m.40 views

Security Bulletin: Java specific SLOTH - Weak MD5 Signature Hash

Summary There is vulnerability in IBM® Runtime Environment Java™ Technology Edition, Versions 6, 7, and 8, that are used by FileNet Content Manager, IBM Content Foundation and FileNet BPM. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and include the vulnerabilit...

5.9CVSS0.5AI score0.0288EPSS
Exploits0Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 12:14 p.m.31 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect FileNet Content Manager, IBM Content Foundation and FileNet BPM (CVE-2015-7575, CVE-2016-0475, CVE-2016-0466)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 6, 7, and 8, that are used by FileNet Content Manager, IBM Content Foundation and FileNet BPM. These issues were disclosed as part of the IBM Java SDK updates in January 2016. Vulnerability...

5.9CVSS0.5AI score0.05453EPSS
Exploits0Affected Software4
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:9 a.m.25 views

Security Bulletin: Multiple Security Vulnerabilities in IBM Java Runtime affect IBM RLKS Administration and Reporting Tool Admin and Agent

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 6.0.16.0 and 7.0.9.10, that are used by IBM Rational License Key Server Administration and Reporting Tool Admin and Agent. These issues were disclosed as part of the IBM Java Runtime updates ...

5.9CVSS0.3AI score0.05453EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:9 a.m.29 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Method Composer (CVE-2015-7575)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6 that is used by Rational Method Composer. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability commonly referred to as “SLOTH”. Vulnerability Detail...

5.9CVSS0.6AI score0.0288EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 1:50 p.m.36 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Initiate Master Data Service (CVE-2015-4872, CVE-2016-0466, CVE-2015-7575, CVE-2016-0448)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6 that is used by IBM Initiate Master Data Service. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability commonly referred to as “SLOTH”. Vulnerabilit...

5.9CVSS1.7AI score0.05453EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:5 a.m.21 views

Security Bulletin:A vulnerability in IBM Java SDK affects IBM Workload Deployer. (CVE-2015-7575)

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition Version 6 that is used by IBM Workload Deployer. The issue was disclosed as part of the IBM Java SDK updates in January 2016 and this vulnerability is commonly referred to as “SLOTH”. Vulnerability Details CVEID: CVE-2015-7575...

5.9CVSS0.3AI score0.0288EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:5 a.m.34 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Integration Designer and WebSphere Integration Developer (CVE-2016-0475, CVE-2016-0466, CVE-2015-7575, CVE-2016-0448)

Summary There are multiple vulnerabilities in IBM SDK Java™ Technology Edition that is used by IBM Integration Designer and WebSphere Integration Developer. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability commonly referred to as...

5.9CVSS0.6AI score0.05453EPSS
Exploits0Affected Software2
Rows per page
Query Builder