CVE-2022-24436

A potential vulnerability in some Intel® processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure. Mitigation Currently, there is no mitigation for this flaw. Intel has provided some guidance to developers of...

Denial Of Service (DoS)

nss is vulnerable to denial of service DoS. The vulnerability exists through the lack of input length checking for cryptographic primitives...

Security Bulletin: NSS vulnerability issue on IBM Storwize V7000 Unified (CVE-2014-3566)

Summary A fix is available for IBM Storwize V7000 Unified, for the security issue that an attacker could obtain sensitive information by exploiting a vulnerability in NSS Vulnerability Details Network Security Services NSS is a set of cryptographic software libraries. It is used in IBM Storwize...

Security Bulletin: OpenSSL Heartbleed Vulnerability and Impact to Algo and OpenPages Products

Abstract The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privac...

Parrot Security 3.10 - Security Oriented GNU/Linux Distribution

Security GNU/Linux distribution designed with cloud pentesting and IoT security in mind. It includes a full portable laboratory for security and digital forensics experts, but it also includes all you need to develop your own softwares or protect your privacy with anonymity and crypto tools...

LastPass Password Manager and then exposed a serious vulnerability, the browser-based Password Manager can also be used? - Vulnerability warning-the black bar safety net

No use cryptographic software before, we easily forget the password; use password software, we“reluctantly”leak the All password. LastPass, the popular password management software, recently again broke security vulnerabilities. Security personnel found in LastPass Chrome and Firefox 4.1.42 versi...

Parrot Security 3.3 - Security GNU/Linux distribution designed with cloud pentesting and IoT security in mind

Security GNU/Linux distribution designed with cloud pentesting and IoT security in mind. It includes a full portable laboratory for security and digital forensics experts, but it also includes all you need to develop your own softwares or protect your privacy with anonymity and crypto tools...

L3 CPU shared cache architecture is susceptible to a Flush+Reload side-channel attack

Overview L3 CPU shared cache architecture is susceptible to a Flush+Reload side-channel attack, resulting in information leakage. allowing a local attacker to derive the contents of memory not belonging to the attacker. Description Common L3 CPU shared cache architecture is susceptible to a...

Debian DSA-1195-1 : openssl096 - denial of service (multiple)

Multiple vulnerabilities have been discovered in the OpenSSL cryptographic software package that could allow an attacker to launch a denial of service attack by exhausting system resources or crashing processes on a victim's computer. - CVE-2006-3738 Tavis Ormandy and Will Drewry of the Google...

[SECURITY] [DSA 1195-1] new openssl096 packages fix denial of service

------------------------------------------------------------------------ Debian Security Advisory DSA-1195-1 [email protected] http://www.debian.org/security/ Noah Meyerhans October 10, 2006 - ------------------------------------------------------------------------ Package : openssl096...

[SECURITY] [DSA 1195-1] new openssl096 packages fix denial of service

------------------------------------------------------------------------ Debian Security Advisory DSA-1195-1 [email protected] http://www.debian.org/security/ Noah Meyerhans October 10, 2006 - ------------------------------------------------------------------------ Package : openssl096...

GnuPG: Incorrect signature verification

Background The GNU Privacy Guard, GnuPG, is a free replacement for the PGP suite of cryptographic software that may be used without restriction, as it does not rely on any patented algorithms. GnuPG can be used to digitally sign messages, a method of ensuring the authenticity of a message using...