45 matches found
Advisory ROSA-SA-2025-2858
Software: openssl 1.1.1k OS: ROSA Virtualization 3.0 packageevrstring: openssl-1.1.1k-14.0.2.rv30 CVE-ID: CVE-2020-1971 BDU-ID: 2021-00872 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the GENERALNAMEcmp function of the OpenSSL library is related to pointer dereferencing errors. Exploitation of...
Azure Linux 3.0 Security Update: edk2 / openssl (CVE-2021-4160)
The version of edk2 / openssl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-4160 advisory. - There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are...
edk2 security update
Mon Sep 09 2024 Aaron Young - Create new 20240909 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK...
Security Bulletin: IBM Master Data Management may provide weaker than expected security due to OpenSSL through a carry propogation flaw (CVE-2021-4160)
Summary IBM Master Data Management v11.6, and v12.0 are vulnerable to a carry propogation flaw found in OpenSSL. OpenSSL could provide weaker than expected security, caused by a carry propagation flaw in the MIPS32 and MIPS64 squaring procedure. An attacker could exploit this vulnerability to...
CBL Mariner 2.0 Security Update: openssl (CVE-2021-4160)
The version of openssl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-4160 advisory. - There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affecte...
Photon OS 3.0: Nxtgn PHSA-2022-3.0-0372
An update of the nxtgn package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-3.0-0372. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CVE-2021-4160 affecting package edk2 for versions less than 20240223gitedc6681206c1-2
CVE-2021-4160 affecting package edk2 for versions less than 20240223gitedc6681206c1-2. An upgraded version of the package is available that resolves this issue...
OpenSSL 1.0.2 < 1.0.2zc Vulnerability
The version of OpenSSL installed on the remote host is prior to 1.0.2zc. It is, therefore, affected by a vulnerability as referenced in the 1.0.2zc advisory. - There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS...
edk2 security update
20230821 - Create new 20230821 release for OL9 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...
edk2 security update
20230821 - Create new 20230821 release for OL7 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450...
Security Bulletin: IBM Engineering Workflow Management (EWM) vulnerability CVE-2021-4160
Summary There is avulnerability CVE-2021-4160 which affects IBM Engineering Workflow Management EWM. Vulnerability Details CVEID:CVE-2021-4160 DESCRIPTION: OpenSSL could provide weaker than expected security, caused by a carry propagation flaw in the MIPS32 and MIPS64 squaring procedure. An...
Security Bulletin: IBM Aspera Orchestrator affected by vulnerability (CVE-2021-4160)
Summary Aspera Orchestrator has addressed the following vulnerability. Vulnerability Details CVEID:CVE-2021-4160 DESCRIPTION: OpenSSL could provide weaker than expected security, caused by a carry propagation flaw in the MIPS32 and MIPS64 squaring procedure. An attacker could exploit this...
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2022-2060)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM MQ for HPE NonStop Server is affected by OpenSSL vulnerability CVE-2021-4160
Summary MQ for HPE NonStop Server may be using weaker than expected security due to an algorithmic problem within OpenSSL. Vulnerability Details CVEID: CVE-2021-4160 DESCRIPTION: OpenSSL could provide weaker than expected security, caused by a carry propagation flaw in the MIPS32 and MIPS64...
Nessus Network Monitor < 6.0.1 Multiple Vulnerabilities (TNS-2022-10)
The version of Nessus Network Monitor NNM installed on the remote host is prior to 6.0.1. It is, therefore, affected by multiple vulnerabilities in third-party software. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C...
Security Bulletin: WebSphere MQ for HP NonStop Server is affected by OpenSSL vulnerability CVE-2021-4160
Summary WebSphere MQ for HP NonStop Server may be using weaker than expected security due to an algorithmic problem within OpenSSL. Vulnerability Details CVEID: CVE-2021-4160 DESCRIPTION: OpenSSL could provide weaker than expected security, caused by a carry propagation flaw in the MIPS32 and...
Security Bulletin: Vulnerabilities in Node.js affect IBM App Connect Enterprise & IBM Integration Bus (CVE-2021-4160)
Summary IBM App Connect Enterprise and IBM Integration Bus ship with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below. Vulnerability Details CVEID: CVE-2021-4160 DESCRIPTION: OpenSSL could provide weaker than expected security, caused...
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2022-1663)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP10 : openssl (EulerOS-SA-2022-1649)
According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3...
EulerOS Virtualization 2.9.1 : openssl (EulerOS-SA-2022-1612)
According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of...