106 matches found
CLSA-2025-1760023353 openssl: Fix of 2 CVEs
CVE-2019-1547: fix side-channel vulnerability in ECDSA when using explicit EC parameters without cofactor - CVE-2025-9230: fix incorrect check of unwrapped key size...
TencentOS Server 3: openssl (TSSA-2022:0025)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0025 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Linux Distros Unpatched Vulnerability : CVE-2019-1547
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to...
edk2 security update
Mon Sep 09 2024 Aaron Young - Create new 20240909 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.8)
The version of AOS installed on the remote host is prior to 6.8. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.8 advisory. - In spring security versions prior to 5.4.11+, 5.5.7+ , 5.6.4+ and older unsupported versions, RegexRequestMatcher can easily be...
edk2 security update
20230821 - Create new 20230821 release for OL7 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...
edk2 security update
20230821 - Create new 20230821 release for OL9 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...
Security Bulletin: One or more security vulnerabilities has been identified in OpenSSL in IBM® AIX® shipped with IBM PureData System for Operational Analytics (CVE-2019-1559,CVE-2019-1547,CVE-2019-1563)
Summary IBM® AIX® is shipped as a component of IBM PureData System for Operational Analytics. Information about security vulnerabilities in OpenSSL affecting IBM AIX have been published in a security bulletin CVE-2019-1559,CVE-2019-1547,CVE-2019-1563. Vulnerability Details CVEID:CVE-2019-1547...
Tenable Nessus Network Monitor < 5.11.0 Multiple Vulnerabilities (TNS-2019-08)
Tenable Nessus Network Monitor is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
SUSE SLES11 Security Update : openssl (SUSE-SU-2019:14174-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2019:14174-1 advisory. - Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases,...
SUSE SLES11 Security Update : openssl1 (SUSE-SU-2019:14171-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2019:14171-1 advisory. - Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases,...
SUSE: Security Advisory (SUSE-SU-2019:14174-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:2403-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:2410-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:2561-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM DataPower Gateway is potentially vulnerable to two cryptographic side-channel vulnerabilities in SSL.
Summary Side-channel vulnerabilities in SSL CVE-2019-1563, CVE-2019-1547 potentially affect IBM DataPower Gateway Vulnerability Details CVEID: CVE-2019-1563 DESCRIPTION: In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker,...
SUSE: Security Advisory (SUSE-SU-2019:2397-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:2413-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0099-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security fix for the ALT Linux 8 package openssl10 version 1.0.2u-alt0.M80P.1
1.0.2u-alt0.M80P.1 built Dec. 11, 2020 Gleb Fotengauer-Malinovskiy in task 263122 Dec. 9, 2020 Gleb Fotengauer-Malinovskiy - Updated to 1.0.2u fixes CVE-2019-1547, CVE-2019-1551, CVE-2019-1552, CVE-2019-1563 - Backported upstream fix for GENERALNAMEcmp fixes CVE-2020-1971...