
701 matches found

Tenable Nessus
added 2024/03/18 12:0 a.m. | 36 views

Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26143)

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and...

CVSS: 6.5 | AI score: 7.2 | EPSS: 0.04173
Exploits: 0 | References: 10
Tenable Nessus
added 2024/03/18 12:0 a.m. | 24 views

Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26141)

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and...

CVSS: 6.5 | AI score: 6.9 | EPSS: 0.03072
Exploits: 0 | References: 10
Redos
added 2024/03/13 12:0 a.m. | 17 views

ROS-2-1278

2.1278 Nettle library vulnerability CVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code. FSTEC Russia Information Security Threats Data Bank...

CVSS: 8.1 | AI score: 8.2 | EPSS: 0.01491
Exploits: 0
IBM Security Bulletins
added 2024/03/07 5:14 a.m. | 38 views

Security Bulletin: IBM® Db2® is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions. (CVE-2023-47152)

Summary: IBM® Db2® is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions. Vulnerability Details: CVEID: CVE-2023-47152 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to an insecure...

CVSS: 7.5 | AI score: 6.3 | EPSS: 0.00577
Exploits: 0 | Affected Software: 1
Prion
added 2024/03/06 12:15 p.m. | 9 views

Design/Logic Flaw

This vulnerability exists in USB Pratirodh due to the usage of a weaker cryptographic algorithm hash SHA1 in user login component. A local attacker with administrative privileges could exploit this vulnerability to obtain the password of USB Pratirodh on the targeted system. Successful exploitati...

CVSS: 3.2 | AI score: 7.2 | EPSS: 0.00121
Exploits: 0 | References: 1
Prion
added 2024/03/06 12:15 p.m. | 14 views

Design/Logic Flaw

This vulnerability exists in AppSamvid software due to the usage of a weaker cryptographic algorithm hash SHA1 in user login component. An attacker with local administrative privileges could exploit this to obtain the password of AppSamvid on the targeted system. Successful exploitation of this...

CVSS: 3.2 | AI score: 7 | EPSS: 0.00133
Exploits: 0 | References: 1
Cvelist
added 2024/03/06 11:34 a.m. | 13 views

CVE-2024-25102 Information Disclosure Vulnerability in CDAC AppSamvid Software

This vulnerability exists in AppSamvid software due to the usage of a weaker cryptographic algorithm hash SHA1 in user login component. An attacker with local administrative privileges could exploit this to obtain the password of AppSamvid on the targeted system. Successful exploitation of this...

CVSS: 7.8 | AI score: 7 | EPSS: 0.00133
Exploits: 0 | References: 1
Vulnrichment
added 2024/03/06 11:22 a.m. | 16 views

CVE-2024-1224 Information Disclosure Vulnerability in CDAC USB Pratirodh

This vulnerability exists in USB Pratirodh due to the usage of a weaker cryptographic algorithm hash SHA1 in user login component. A local attacker with administrative privileges could exploit this vulnerability to obtain the password of USB Pratirodh on the targeted system. Successful exploitati...

CVSS: 7.1 | AI score: 6.9 | EPSS: 0.00121
Exploits: 0 | References: 1
OSV
added 2024/03/04 2:15 p.m. | 3 views

CVE-2024-22463

Dell PowerScale OneFS 8.2.x through 9.6.0.x contains a use of a broken or risky cryptographic algorithm vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to compromise of confidentiality and integrity of sensitive information...

CVSS: 9.1 | AI score: 5.8 | EPSS: 0.00281
Exploits: 0 | References: 1
Prion
added 2024/03/04 2:15 p.m. | 29 views

Design/Logic Flaw

Dell PowerScale OneFS 8.2.x through 9.6.0.x contains a use of a broken or risky cryptographic algorithm vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to compromise of confidentiality and integrity of sensitive information...

CVSS: 4 | AI score: 7.3 | EPSS: 0.00281
Exploits: 0 | References: 1
CVE
added 2024/03/04 1:18 p.m. | 78 views

CVE-2024-22463

Dell PowerScale OneFS versions 8.2.x through 9.6.0.x are affected by a vulnerability described as the use of a broken or risky cryptographic algorithm, which can lead to disclosure and integrity concerns for sensitive data. The issue is triggered by the software’s cryptographic implementation rat...

CVSS: 9.1 | AI score: 7.2 | EPSS: 0.00281
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2024/03/04 1:18 p.m. | 22 views

CVE-2024-22463

Dell PowerScale OneFS 8.2.x through 9.6.0.x contains a use of a broken or risky cryptographic algorithm vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to compromise of confidentiality and integrity of sensitive information...

CVSS: 7.4 | AI score: 7.5 | EPSS: 0.00281
Exploits: 0 | References: 1
Tenable Nessus
added 2024/02/23 12:0 a.m. | 48 views

Ubuntu 23.10 : Linux kernel (Azure) vulnerabilities (USN-6652-1)

The remote Ubuntu 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6652-1 advisory. Marek Marczykowski-Grecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in ...

CVSS: 7.8 | AI score: 7.6 | EPSS: 0.12836
Exploits: 9 | References: 16
Tenable Nessus
added 2024/02/14 12:0 a.m. | 66 views

Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-6626-2)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6626-2 advisory. Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote...

CVSS: 9 | AI score: 7.4 | EPSS: 0.0406
Exploits: 0 | References: 11
OSV
added 2024/02/07 12:3 p.m. | 6 views

SUSE-SU-2024:0411-1 Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059115 fixes several issues. The following security issues were fixed: - CVE-2023-6932: Fixed a use-after-free vulnerability in the ipv4 igmp component that could lead to local privilege escalation bsc1218255. - CVE-2023-6176: Fixed a denial of service...

CVSS: 7.8 | AI score: 6.6 | EPSS: 0.00371
Exploits: 0 | References: 5
Tenable Nessus
added 2024/02/07 12:0 a.m. | 34 views

SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP5) (SUSE-SU-2024:0395-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0395-1 advisory. - A use-after-free vulnerability was found in drivers/nvme/target/tcp.c in nvmet_tcp_free_crypto due to a logical bug in the NVMe/TCP subsystem in...

CVSS: 8.8 | AI score: 7.2 | EPSS: 0.09141
Exploits: 2 | References: 10
Tenable Nessus
added 2024/02/07 12:0 a.m. | 46 views

SUSE SLES15 Security Update : kernel (Live Patch 3 for SLE 15 SP5) (SUSE-SU-2024:0352-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0352-1 advisory. - A use-after-free vulnerability was found in drivers/nvme/target/tcp.c in nvmet_tcp_free_crypto due to a logical bug in the NVMe-oF/TCP subsystem...

CVSS: 8.8 | AI score: 7.2 | EPSS: 0.09141
Exploits: 2 | References: 10
OSV
added 2024/02/06 10:3 p.m. | 5 views

SUSE-SU-2024:0389-1 Security update for the Linux Kernel (Live Patch 31 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059118 fixes several issues. The following security issues were fixed: - CVE-2023-6932: Fixed a use-after-free vulnerability in the ipv4 igmp component that could lead to local privilege escalation bsc1218255. - CVE-2023-6176: Fixed a denial of service...

CVSS: 7.8 | AI score: 6.6 | EPSS: 0.00371
Exploits: 0 | References: 5
OSV
added 2024/02/06 1:33 p.m. | 6 views

SUSE-SU-2024:0358-1 Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059133 fixes several issues. The following security issues were fixed: - CVE-2023-6932: Fixed a use-after-free vulnerability in the ipv4 igmp component that could lead to local privilege escalation bsc1218255. - CVE-2023-6176: Fixed a denial of service...

CVSS: 7.8 | AI score: 6.6 | EPSS: 0.00371
Exploits: 0 | References: 5
OSV
added 2024/02/06 12:3 p.m. | 7 views

SUSE-SU-2024:0352-1 Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005519 fixes several issues. The following security issues were fixed: - CVE-2023-6932: Fixed a use-after-free vulnerability in the ipv4 igmp component that could lead to local privilege escalation bsc1218255. - CVE-2023-6176: Fixed a denial of service...

CVSS: 8.8 | AI score: 7.1 | EPSS: 0.09141
Exploits: 2 | References: 7