110 matches found
MiracleLinux 7 : openssl-1.0.2k-12.el7 (AXSA:2018-2937:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-2937:01 advisory. openssl: bnsqrx8xinternal carry bug on x8664 CVE-2017-3736 openssl: Read/write after SSL object in error state CVE-2017-3737 openssl: rsaz1024mulavx...
TencentOS Server 2: openssl (TSSA-2023:0331)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0331 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...
Security Bulletin: Multiple security vulnerabilities have been identified in Open SSL, which is shipped with IBM Tivoli Network Manager IP Edition.
Summary Open SSL is shipped with IBM Tivoli Network Manager IP Edition version 3.9. Information about security vulnerabilities affecting Open SSL has been published here. Vulnerability Details CVEID: CVE-2017-3735 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information,...
K14363514: OpenSSL vulnerability CVE-2017-3736
Security Advisory Description There is a carry propagating bug in the x8664 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perfo...
Security Bulletin: IBM MQ Advanced Message Security is vulnerable to an OpenSSL Montgomery squaring function propagation flaw (CVE-2017-3736)
Summary IBM MQ and IBM WebSphere MQ are affected by an OpenSSL vulnerability which could allow a remote attacker to obtain sensitive information. This is caused by a carry propagation flaw in the the x8664 Montgomery squaring function bnsqrx8xinternal. OpenSSL is used by IBM MQ Advanced Message...
Slackware: Security Advisory (SSA:2017-306-02)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM Spectrum Control (formerly IBM Tivoli Storage Productivity Center) is affected by OpenSSL vulnerabilities (CVE-2017-3735, CVE-2017-3736, CVE-2017-3737, CVE-2017-3738)
Summary OpenSSL vulnerabilities were disclosed August, November, and December 2017 by the OpenSSL Project. OpenSSL, used by IBM Spectrum Control formerly Tivoli Storage Productivity Center, has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2017-3735 DESCRIPTION: OpenSSL could...
Security Bulletin: Multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect Snapshot (formerly Tivoli Storage FlashCopy Manager) for Unix
Summary There are multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect Snapshot formerly Tivoli Storage FlashCopy Manager for Unix. IBM Spectrum Protect Snapshot for Unix has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-0702 DESCRIPTION: OpenSSL coul...
Security Bulletin: Multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect Snapshot (formerly Tivoli Storage FlashCopy Manager) for VMware
Summary There are multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect Snapshot formerly Tivoli Storage FlashCopy Manager for VMware. IBM Spectrum Protect Snapshot for VMware has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-0702 DESCRIPTION: OpenSSL...
SUSE: Security Advisory (SUSE-SU-2018:0293-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:0002-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Security Vulnerabilities in IBM® Java SDK affect multiple IBM Rational products based on IBM Jazz technology July 2018 CPU
Summary There are multiple vulnerabilities in IBM® SDK Java Technology Edition, Version 1.7 and 1.8 that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational...
Security Bulletin: OpenSSL vulnerabilities affect IBM Rational Team Concert
Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by Rational BuildForge Agent shipped with IBM Rational Team Concert. Rational BuildForge has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2017-3735 DESCRIPTION: OpenSSL could allow a remote...
SUSE: Security Advisory (SUSE-SU-2017:3169-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Rational Software Architect and Rational Software Architect for WebSphere Software
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 7 and 8 that are used by IBM Rational Software Architect and Rational Software Architect for WebSphere Software.These CVE's CVE-2018-1656, CVE-2018-12539, CVE-2018-0705, CVE-2018-3732 and CVE-2018-3736 were...
Security Bulletin: IBM Sterling Connect:Express for UNIX is Affected by the Following OpenSSL Vulnerabilities (CVE-2017-3736, CVE-2017-3737, CVE-2017-3738)
Summary Security vulnerabilities were disclosed on Nov 1, 2017 and Dec 6, 2017 by the OpenSSL Project. OpenSSl is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVEs. Vulnerability Details CVE-ID: CVE-2017-3736 Description: OpenSS...
Security Bulletin: Vulnerabilities in GSKit affects IBM Sterling Connect:Direct for UNIX
Summary A vulnerability has been addressed in the GSKit component of IBM Sterling Connect:Direct for UNIX. Further, OpenSSL vulnerabilities disclosed by the OpenSSL Project affect GSKit. IBM Sterling Connect:Direct for UNIX uses GSKit and therefore is also vulnerable. Vulnerability Details CVEID:...
Security Bulletin: Vulnerabilities in OpenSSL Affect IBM Sterling Connect:Direct for HP NonStop (CVE-2017-3736)
Summary OpenSSL vulnerabilities were disclosed on November 2, 2017 by the OpenSSL Project. OpenSSL is used by IBM Sterling Connect:Direct for HP NonStop. IBM Sterling Connect:Direct for HP NonStop has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2017-3736 Description: OpenSSL...
Security Bulletin: Multiple vulnerabilities in GSKit affect IBM Workload Scheduler
Summary GSKit is used by IBM Workload Manager and is vulnerable to some OpenSSL vulnerabilities. IBM Workload Manager has addressed the applicable CVEs using an updated version of GSKit libraries. Vulnerability Details CVEID: CVE-2016-0705 DESCRIPTION: OpenSSL is vulnerable to a denial of service...
Security Bulletin: Multiple vulnerabilities in OpenSSL affect WebSphere Message Broker , IBM Integration Bus and IBM App Connect
Summary Multiple vulnerabilities in OpenSSL affect WebSphere Message Broker, IBM Integration Bus and IBM App Connect. The DataDirect ODBC Drivers used by WebSphere Message Broker , IBM App Connect and IBM Integration Bus have addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2017-37...