96 matches found
MiracleLinux 9 : nss-3.90.0-4.el9_3 (AXSA:2024-7386:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7386:01 advisory. nss: timing attack against RSA decryption CVE-2023-5388 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...
MiracleLinux 7 : nss-softokn-3.90.0-6.0.1.el7.AXS7 (AXSA:2025-9721:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9721:01 advisory. Network Security Services Softoken Cryptographic Module Security fixes: - CVE-2023-5388: fix timing attack against RSA decryption - Bug 1784253: avoid...
Alibaba Cloud Linux 3 : 0216: nss (ALINUX3-SA-2024:0216)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0216 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-5388: NSS was susceptible to a...
Linux Distros Unpatched Vulnerability : CVE-2023-5388
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data...
Security Bulletin: A vulnerability in RedHat UBI minimal affects IBM Robotic Process Automation for Cloud Pak which could allow an attacker to obtain sensitive information (CVE-2023-5388).
Summary A vulnerability in RedHat UBI minimal affects IBM Robotic Process Automation for Cloud Pak. RedHat UBI images are used as base images for IBM Robotic Process Automation containers. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details...
Security Bulletin: Vulnerability in nss library (CVE-2023-5388) affects Power HMC.
Summary The nss library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2023-5388 DESCRIPTION: Red Hat Enterprise Linux could allow a remote authenticated attacker to obtain sensitive information, caused by an observable timi...
Photon OS 5.0: Nss PHSA-2024-5.0-0234
An update of the nss package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0234. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid20425...
SUSE-SU-2024:2600-1 Security update for mozilla-nss
This update for mozilla-nss fixes the following issues: - FIPS: Added more safe memset bsc1222811. - FIPS: Adjusted AES GCM restrictions bsc1222830. - FIPS: Adjusted approved ciphers bsc1222813, bsc1222814, bsc1222821, bsc1222822, bsc1224118, bsc1222807, bsc1222828, bsc1222834, bsc1222804,...
SUSE-RU-2024:2564-1 Recommended update for mozilla-nss
This update for mozilla-nss fixes the following issues: - Fixed startup crash of Firefox when using FIPS-mode bsc1223724. - Added 'Provides: nss' so other RPMs that require 'nss' can be installed jira PED-6358. - FIPS: added safe memsets bsc1222811 - FIPS: restrict AES-GCM bsc1222830 - FIPS:...
RHEL 7 : nss (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nss: Insufficient timing side-channel resistance in divSpoiler CVE-2016-9074 - nss before version 3.30 is...
SUSE: Security Advisory (SUSE-SU-2024:1002-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:0971-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 7 : firefox (RHSA-2024:1486)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1486 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
RHEL 7 : thunderbird (RHSA-2024:1498)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1498 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.9.0. Security Fixes: nss:...
nss security update
3.90.0-6fips - Add FIPS package change: add fips suffix to Release and set Epoch to 10 Orabug: 35862190 - Update FIPS module name for Oracle Linux Orabug: 35862190 3.90.0-6 - Fix ecc DER wrapping. 3.90.0-5 - Pick up validated constant time implementations of p256, p384, and p521 from upsream - Mo...
Mageia: Security Advisory (MGASA-2024-0092)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2024-0094)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS: Security Advisory for thunderbird (CESA-2024:1498)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS: Security Advisory for firefox (CESA-2024:1486)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
firefox security update
CentOS Errata and Security Advisory CESA-2024:1486 An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...