EulerOS Virtualization for ARM 64 3.0.1.0 : libssh2 (EulerOS-SA-2019-1393)
According to the versions of the libssh2 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A type confusion issue was found in the way libssh2 generated ephemeral secrets for the diffie-hellman-group1 and...
Sandbox Restrictions Bypass
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Ja...
Symlink Attack
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Ja...
Sandbox Restrictions Bypass
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Ja...
Sandbox Restrictions Bypass
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Ja...
Arbitrary Code Execution
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Ja...
Information Disclosure
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain...
Denial Of Service (DoS)
Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. A race condition was found in the way N...
Denial Of Service (DoS)
Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. A race condition was found in the way N...
Weak Encryption Parameters
The Diffie-Hellman (DH) key exchange algorithm implementation in the Security component in OpenJDK failed to validate public DH parameters properly. This could cause OpenJDK to accept and use weak parameters, allowing an attacker to recover the negotiated key...
Timing Side-Channel
Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. It was discovered that NSS leaked timin...
SUSE-SU-2019:0427-2 Security update for kernel-firmware
This update for kernel-firmware fixes the following issues: Security issue fixed: - CVE-2018-5383: Fixed an implementation issue in Bluetooth where the elliptic curve parameters were not sufficiently validated during Diffie-Hellman key exchange (bsc#1104301)...
PT-2019-6236 · Libssh2 +3 · Libssh2 +3
Name of the Vulnerable Software and Affected Versions: libssh2 versions prior to 1.9.0 Description: The issue is related to an integer overflow in the kex_method_diffie_hellman_group_exchange_sha256_key_exchange function of the kex.c component in the Libssh2 library, which implements the SSH2...
openSUSE: Security Advisory for kernel-firmware (openSUSE-SU-2019:0275-1)
The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
PT-2019-6437 · Advanced Micro Devices Inc. +2 · Amd Secure Encrypted Virtualization +3
Name of the Vulnerable Software and Affected Versions: Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor (PSP) 0.17 build 11 and earlier Description: The issue is related to an insecure cryptographic implementation in AMD's Secure Encrypted Virtualization...
Security Bulletin: Vulnerability in libssh2 affect IBM Flex System FC3171 8Gb SAN Switch & SAN Pass-thru Firmware and QLogic Virtual Fabric Extension Module for IBM BladeCenter (CVE-2016-0787)
Summary Vulnerability in libssh2 affects IBM Flex System FC3171 8Gb SAN Switch & SAN Pass-thru Firmware and QLogic Virtual Fabric Extension Module for IBM BladeCenter. Vulnerability Details Summary Vulnerability in libssh2 affects IBM Flex System FC3171 8Gb SAN Switch & SAN Pass-thru Firmware and...
Security Bulletin: Logjam vulnerability affects IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch firmware (CVE-2015-4000)
Summary OpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch firmware...
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by multiple vulnerabilities in OpenSSL including Logjam
Summary OpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. This includes Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol (CVE-2015-4000). OpenSSL is used by IBM Flex Chassis Management Module (CMM). Flex Chassis Management Module has...
Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Systems Director Editions. (CVE-2015-4000)
Summary The Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects Tivoli Common Reporting, IBM Systems Director, IBM Tivoli Monitoring and Tivoli Application Dependency Discovery Manager which are shipped as components of IBM Systems Director Editions...
Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Flex System Manager (FSM) SMIA Configuration Tool (CVE-2015-4000)
Summary The Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects IBM Flex System Manager (FSM) SMIA Configuration Tool also known as Network Advisor. Vulnerability Details Summary The Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange...