
5878 matches found

OSV
added 2024/04/10 5:15 p.m., 1 views

CVE-2024-3386

An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents Predefined Decryption Exclusions from functioning as intended. This can cause traffic destined for domains that are not specified in Predefined Decryption Exclusions to be unintentionally excluded from...

CVSS 5.3, AI score 5.8, EPSS 0.0035
Exploits: 0, References: 1

CVE
added 2024/04/10 5:6 p.m., 81 views

CVE-2024-3386

CVE-2024-3386 : In Palo Alto Networks PAN-OS, an incorrect string comparison prevents Predefined Decryption Exclusions from functioning as intended, causing traffic destined for domains not listed in the exclusions to be unintentionally excluded from decryption. The vulnerability affects PAN-OS s...

CVSS 5.3, AI score 6.7, EPSS 0.0035
Exploits: 0, References: 1, Affected Software: 1

Vulnrichment
added 2024/04/10 5:6 p.m., 23 views

CVE-2024-3386 PAN-OS: Predefined Decryption Exclusions Does Not Work as Intended

An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents Predefined Decryption Exclusions from functioning as intended. This can cause traffic destined for domains that are not specified in Predefined Decryption Exclusions to be unintentionally excluded from...

CVSS 5.3, AI score 6.8, EPSS 0.0035
Exploits: 0, References: 1

Cvelist
added 2024/04/10 5:6 p.m., 17 views

CVE-2024-3386 PAN-OS: Predefined Decryption Exclusions Does Not Work as Intended

An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents Predefined Decryption Exclusions from functioning as intended. This can cause traffic destined for domains that are not specified in Predefined Decryption Exclusions to be unintentionally excluded from...

CVSS 5.3, AI score 5.5, EPSS 0.0035
Exploits: 0, References: 1

Palo Alto Networks
added 2024/04/10 4:0 p.m., 44 views

PAN-OS: Firewall Denial of Service (DoS) via a Burst of Crafted Packets

A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that eventually prevents the firewall from processing traffic. This issue applies only to PA-5400 Series devices that are running PAN-OS software with the SS...

CVSS 7.5, AI score 7, EPSS 0.00437
Exploits: 0, References: 1

Palo Alto Networks
added 2024/04/10 4:0 p.m., 20 views

PAN-OS: Predefined Decryption Exclusions Does Not Work as Intended

An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents Predefined Decryption Exclusions from functioning as intended. This can cause traffic destined for domains that are not specified in Predefined Decryption Exclusions to be unintentionally excluded from...

CVSS 5.3, AI score 6.7, EPSS 0.0035
Exploits: 0, References: 1

Ubuntu
added 2024/04/10 1:40 p.m., 417 views

USN-6727-1: NSS vulnerabilities

It was discovered that NSS incorrectly handled padding when checking PKCS1 certificates. A remote attacker could possibly use this issue to perform Bleichenbacher-like attacks and recover private data. This issue only affected Ubuntu 20.04 LTS. (CVE-2023-4421) It was discovered that NSS had a timin...

CVSS 6.5, AI score 7.4, EPSS 0.00245
Exploits: 0

OSV
added 2024/04/10 1:40 p.m., 4 views

USN-6727-1 nss vulnerabilities

It was discovered that NSS incorrectly handled padding when checking PKCS1 certificates. A remote attacker could possibly use this issue to perform Bleichenbacher-like attacks and recover private data. This issue only affected Ubuntu 20.04 LTS. (CVE-2023-4421) It was discovered that NSS had a timin...

CVSS 6.5, AI score 6.7, EPSS 0.00245
Exploits: 0, References: 4

Veracode
added 2024/04/10 11:30 a.m., 16 views

Timing Based Side-Channel Attack

Libgcrypt is vulnerable to a timing-based side-channel attack. The vulnerability is due to the handling of RSA decryption, which may allow a remote attacker to initiate a Bleichenbacher-style attack and decrypt arbitrary RSA ciphertexts...

CVSS 5.9, AI score 7.2, EPSS 0.00666
Exploits: 0, References: 8, Affected Software: 1

Tenable Nessus
added 2024/04/10 12:0 a.m., 45 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : NSS vulnerabilities (USN-6727-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6727-1 advisory. It was discovered that NSS incorrectly handled padding when checking PKCS1 certificates. A remote attacker could possibly use this...

CVSS 6.5, AI score 7.4, EPSS 0.00245
Exploits: 0, References: 4

Positive Technologies
added 2024/04/10 12:0 a.m., 2 views

PT-2024-27202

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.37. Description: In CoCo VMs, it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail, resulting in shared memory. Callers need to handle these errors to avoid...

CVSS 5.5, AI score 5.5, EPSS 0.00009
Exploits: 0

Positive Technologies
added 2024/04/10 12:0 a.m., 7 views

PT-2024-27203

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: In CoCo VMs, it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail, resulting in shared memory. Callers need to handle these errors to avoid...

CVSS 8.1, AI score 5.4, EPSS 0.00046
Exploits: 0

CNNVD
added 2024/04/10 12:0 a.m., 1 views

Palo Alto Networks PAN-OS Security Vulnerability

Palo Alto Networks PAN-OS is a next-generation firewall software from Palo Alto Networks, USA. A security vulnerability exists in Palo Alto Networks PAN-OS that can be exploited by an attacker to cause a predefined decryption exclusion to not function as expected...

CVSS 5.3, AI score 6.7, EPSS 0.0035
Exploits: 0, References: 3

Tenable Nessus
added 2024/04/10 12:0 a.m., 22 views

Palo Alto Networks PAN-OS 9.0.x < 9.0.17-h2 / 9.1.x < 9.1.17 / 10.0.x < 10.0.13 / 10.1.x < 10.1.10 / 10.2.x < 10.2.5 / 11.0.x < 11.0.2 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 9.0.x prior to 9.0.17-h2 or 9.1.x prior to 9.1.17 or 10.0.x prior to 10.0.13 or 10.1.x prior to 10.1.10 or 10.2.x prior to 10.2.5 or 11.0.x prior to 11.0.2. It is, therefore, affected by a vulnerability. - An incorrect string...

CVSS 5.3, AI score 5.8, EPSS 0.0035
Exploits: 0, References: 2

Tenable Nessus
added 2024/04/09 12:0 a.m., 31 views

EulerOS 2.0 SP9 : python-cryptography (EulerOS-SA-2024-1494)

According to the versions of the python-cryptography package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS...

CVSS 5.9, AI score 7, EPSS 0.0076
Exploits: 0, References: 2

Tenable Nessus
added 2024/04/08 12:0 a.m., 36 views

CentOS 8 : firefox (CESA-2024:1484)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2024:1484 advisory. - NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the...

CVSS 8.8, AI score 8.4, EPSS 0.01767
Exploits: 4, References: 11

OpenVAS
added 2024/04/08 12:0 a.m., 21 views

Huawei EulerOS: Security Advisory for python-cryptography (EulerOS-SA-2024-1494)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 5.9, AI score 6.8, EPSS 0.0076
Exploits: 0, References: 2

Tenable Nessus
added 2024/04/08 12:0 a.m., 21 views

EulerOS 2.0 SP9 : python-cryptography (EulerOS-SA-2024-1515)

According to the versions of the python-cryptography package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS...

CVSS 5.9, AI score 7, EPSS 0.0076
Exploits: 0, References: 2

OpenVAS
added 2024/04/08 12:0 a.m., 23 views

Huawei EulerOS: Security Advisory for python-cryptography (EulerOS-SA-2024-1515)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 5.9, AI score 6.8, EPSS 0.0076
Exploits: 0, References: 2

OSV
added 2024/04/05 2:56 p.m., 24 views

RLSA-2024:1646 Important: grafana security and bug fix update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394). Bug Fixes: TRIAGE CVE-2024-1394 grafana: golang-fips/openssl: Memory leaks i...

CVSS 7.5, AI score 8, EPSS 0.01379
Exploits: 0, References: 2