NO-IP DUC 4.1.1 DLL Hijacking

===================================================== NO-IP DUC v4.1.1 - DLL Hijacking ===================================================== Vendor Homepage: http://noip.com Date: 20 Oct 2016 Software Link : http://www.noip.com/client/DUCSetupv411.exe Version : 4.1.1 Author: Ashiyane Digital...

Mozilla Network Security Services (NSS) Library Vulnerability

A vulnerability in the Mozilla NSS library could allow an attacker to forge an RSA signature, such as an SSL certificate. The package is often included in 3rd party software, including Linux distributions, Google Chrome, and others. It is possible that other cryptographic libraries may be similar...

OpenSSL Heartbleed Patch Progress Slowing Two Months Later

It’s been more than two months since news broke of the Heartbleed vulnerability in OpenSSL one of the Internet’s most widely deployed cryptographic libraries. In the days and weeks that followed the emergence of the bug, which affected an unknown but arguably vast swath of the Web, vendors were...

Debian: Security Advisory (DSA-2339-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[BSA-057] Security update for nss

This update to the NSS cryptographic libraries revokes the trust in the "DigiCert Sdn. Bhd" certificate authority. More information can be found in the Mozilla Security Blog: http://blog.mozilla.com/security/2011/11/03/revoking-trust-in-digicert-sdn-bhd-intermediate-certificate-authority/ This...

[SECURITY] [DSA 2339-1] nss security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2339-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 07, 2011 http://www.debian.org/security/faq -...

DSA-2339-1 nss - several

Bulletin has no description...

Debian: Security Advisory (DSA-1379-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Multiple vulnerabilities in S/MIME implementations

Overview Multiple vulnerabilities exist in different vendors' S/MIME Secure/Multipurpose Internet Mail Extensions implementations. The impacts of these vulnerabilities are varied and range from denial of service to potential remote execution of arbitrary code. Description The U.K. National...

Cryptographic libraries and applications do not adequately defend against timing attacks

Overview Cryptographic libraries and applications do not provide adequate defense against a side-channel timing attack against RSA private keys. Such an attack has been shown to be practical using currently available hardware on systems and networks with sufficiently low variance in latency...