11 matches found

OpenVAS
added 2024/04/26 12:0 a.m. | 21 views

Ubuntu: Security Advisory (USN-6753-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1 CVSS | 7.5 AI score | 0.01112 EPSS
Exploits 0 | References 2

Ubuntu
added 2024/04/25 8:59 p.m. | 31 views

USN-6753-1: CryptoJS vulnerability

Thomas Neil James Shadwell discovered that CryptoJS was using an insecure cryptographic default configuration. A remote attacker could possibly use this issue to expose sensitive information...

9.1 CVSS | 8 AI score | 0.01112 EPSS
Exploits 0

OSV
added 2024/04/25 8:59 p.m. | 1 views

USN-6753-1 cryptojs vulnerability

Thomas Neil James Shadwell discovered that CryptoJS was using an insecure cryptographic default configuration. A remote attacker could possibly use this issue to expose sensitive information...

9.1 CVSS | 7.3 AI score | 0.01112 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2024/04/25 12:0 a.m. | 28 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : CryptoJS vulnerability (USN-6753-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6753-1 advisory. Thomas Neil James Shadwell discovered that CryptoJS was using an insecure cryptographic default configuration. A remote attack...

9.1 CVSS | 8.1 AI score | 0.01112 EPSS
Exploits 0 | References 2

OpenVAS
added 2023/11/28 12:0 a.m. | 16 views

Debian: Security Advisory (DLA-3669-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1 CVSS | 9.3 AI score | 0.01112 EPSS
Exploits 0 | References 4

Debian
added 2023/11/27 6:54 p.m. | 29 views

[SECURITY] [DLA 3669-1] cryptojs security update

Debian LTS Advisory DLA-3669-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin November 27, 2023 https://wiki.debian.org/LTS Package : cryptojs Version : 3.1.2+dfsg-2+deb10u1 CVE ID : CVE-2023-46233 Debian Bug : 1055525 Thomas Neil James Shadwell reported that...

9.1 CVSS | 7.2 AI score | 0.01112 EPSS
Exploits 0

OSV
added 2023/11/27 12:0 a.m. | 26 views

DLA-3669-1 cryptojs - security update

Bulletin has no description...

9.1 CVSS | 9.1 AI score | 0.01112 EPSS
Exploits 0

NVD
added 2017/08/01 2:29 p.m. | 8 views

CVE-2017-11133

An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for Web, and through 0.0.86 for Desktop. To encrypt messages, AES in CBC mode is used with a pseudo-random secret. This secret and the IV are generated with math.random in previous versions and with...

7.5 CVSS | 7.5 AI score | 0.0014 EPSS
Exploits 0 | References 1

Prion
added 2017/08/01 2:29 p.m. | 9 views

Code injection

An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for Web, and through 0.0.86 for Desktop. To encrypt messages, AES in CBC mode is used with a pseudo-random secret. This secret and the IV are generated with math.random in previous versions and with...

5 CVSS | 7.5 AI score | 0.0014 EPSS
Exploits 0 | References 1 | Affected Software 1

ThreatPost
added 2016/06/14 12:6 p.m. | 18 views

RAA Ransomware Composed Entirely of JavaScript

We’ve already seen ransomware take on many forms this year, but researchers this week claim they’ve noticed a new strain unlike any they’ve seen prior–a type composed entirely of JavaScript. The ransomware, dubbed RAA by researchers, has been circulating through attachments masquerading as Word...

Exploits 0 | References 12

CVE
added 2013/08/07 1:0 a.m. | 115 views

CVE-2013-1705

CVE-2013-1705 is a heap-based buffer underflow in the cryptojs_interpret_key_gen_type function affecting Mozilla Firefox before 23.0 and SeaMonkey before 2.20, enabling remote code execution or crash via a crafted CRMF request. Affected products are Firefox (<23.0) and SeaMonkey (

10 CVSS | 7.6 AI score | 0.05283 EPSS
Exploits 0 | References 5 | Affected Software 1