Lucene search
+L

39 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:32 p.m.34 views

Security Bulletin: Multiple vulnerabilities in IBM SDK Java Technology Edition, and Logjam affect WebSphere Application Server shipped with SmartCloud Provisioning

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 6 that is used by WebSphere Application Server shipped with IBM SmartCloud Provisioning. These issues were disclosed as part of the IBM Java SDK updates in July 2015. This bulletin also addresses the Logjam...

5.5CVSS0.5AI score0.9986EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:3 p.m.28 views

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Tivoli Composite Application Manager for Transactions (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Tivoli Composite Application Manager for Transactions. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information,...

4.3CVSS1.2AI score0.9986EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:3 a.m.25 views

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM OS Images for Red Hat Linux Systems, AIX, and Windows-based deployments. (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM OS Images for Red Hat Linux Systems, AIX, and Windows-based deployments. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain...

4.3CVSS0.1AI score0.9986EPSS
Exploits1Affected Software1
n0where
n0where
added 2017/02/16 6:48 a.m.26 views

Simple OpenVPN Raspberry Pi Installer: piVPN

Simple OpenVPN Raspberry Pi Installer This is a set of shell scripts that serve to easily turn your Raspberry Pi TM into a VPN server using the free, open-source OpenVPN software. The master branch of this script installs and configures OpenVPN on Raspbian Jessie and has been tested on Ubuntu 14....

7.3AI score
Exploits0References2
The Hacker News
The Hacker News
added 2016/03/02 6:38 a.m.19 views

Turing Award — Inventors of Modern Cryptography Win $1 Million Cash Prize

And the Winners of this year's Turing Award are: Whitfield Diffie and Martin E. Hellman. The former chief security officer at Sun Microsystems Whitfield Diffie and the professor at Stanford University Martin E. Hellman won the 2015 ACM Turing Award, which is frequently described as the "Nobel Pri...

6.7AI score
Exploits0
OSV
OSV
added 2016/02/15 2:59 a.m.9 views

CVE-2016-0701

The DHcheckpubkey function in crypto/dh/dhcheck.c in OpenSSL 1.0.2 before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman DH key exchange, which makes it easier for remote attackers to discover a private DH exponent by making multiple handshakes with a peer that chose...

3.7CVSS5.9AI score
Exploits0References24
The Hacker News
The Hacker News
added 2015/07/01 8:46 p.m.11 views

Apple Releases dozens of Security Updates to Fix OS X and iOS Flaws

Apple has released updates to patch dozens of security vulnerabilities in iOS and OS X Yosemite operating system. The updates include iOS 8.4 version of the mobile operating system, OS X Yosemite 10.10.4 and Security Update 2015-005. iOS 8.4 Update The iOS 8.4 update includes patches for over 20...

8.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/06/30 12:0 a.m.52 views

RHEL 5 : openssl (RHSA-2015:1197) (Logjam)

Updated openssl packages that fix three security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available fo...

7.5CVSS7.2AI score0.9986EPSS
Exploits1References8
Cent OS
Cent OS
added 2015/06/25 10:23 a.m.82 views

nss security update

CentOS Errata and Security Advisory CESA-2015:1185 Updated nss and nss-util packages that fix one security issue, several bugs and add various enhancements are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact...

4.3CVSS6.1AI score0.9986EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2015/03/06 12:0 a.m.46 views

PuTTY < 0.64 Multiple Information Disclosure Vulnerabilities

The remote host has a version of PuTTY installed that is prior to 0.64. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists due to a failure to clear SSH-2 private key information from the memory during the saving or loading of key files to...

2.1CVSS5.9AI score0.00585EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2014/10/12 12:0 a.m.43 views

Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2014-383)

It was discovered that the Hotspot component in OpenJDK did not properly verify bytecode from the class files. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. CVE-2014-4216 , CVE-2014-4219 A format string flaw was discovered in the Hotsp...

9.3CVSS7.1AI score0.06118EPSS
Exploits1References14
Tenable Nessus
Tenable Nessus
added 2014/09/29 12:0 a.m.52 views

Scientific Linux Security Update : nss and nspr on SL5.x i386/x86_64 (20140916)

A flaw was found in the way TLS False Start was implemented in NSS. An attacker could use this flaw to potentially return unencrypted information from the server. CVE-2013-1740 A race condition was found in the way NSS implemented session ticket handling as specified by RFC 5077. An attacker coul...

10CVSS7.9AI score0.06329EPSS
Exploits5References6
RedHat Linux
RedHat Linux
added 2014/09/16 5:39 a.m.55 views

Moderate: Red Hat Security Advisory: nss and nspr security, bug fix, and enhancement update

Updated nss and nspr packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores,...

10CVSS7.1AI score0.06329EPSS
Exploits5References9
OpenVAS
OpenVAS
added 2014/07/28 12:0 a.m.45 views

CentOS Update for nss-util CESA-2014:0917 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.9AI score0.06329EPSS
Exploits5References2
RedHat Linux
RedHat Linux
added 2014/07/22 5:59 p.m.58 views

Critical: Red Hat Security Advisory: nss and nspr security, bug fix, and enhancement update

Updated nss and nspr packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base...

10CVSS7.1AI score0.06329EPSS
Exploits5References9
OpenVAS
OpenVAS
added 2014/07/21 12:0 a.m.41 views

RedHat Update for java-1.7.0-openjdk RHSA-2014:0890-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS5.5AI score0.06118EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2014/07/17 12:0 a.m.36 views

Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x i386/x86_64 (20140716)

It was discovered that the Hotspot component in OpenJDK did not properly verify bytecode from the class files. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. CVE-2014-4216, CVE-2014-4219 A format string flaw was discovered in the Hotspo...

9.3CVSS7.1AI score0.06118EPSS
Exploits1References14
Prion
Prion
added 2013/02/05 11:55 p.m.14 views

Null pointer dereference

The publickeyfromprivatekey function in libssh before 0.5.4, when no algorithm is matched during negotiations, allows remote attackers to cause a denial of service NULL pointer dereference and crash via a "Client: Diffie-Hellman Key Exchange Init" packet...

4.3CVSS6.9AI score0.03049EPSS
Exploits0References6Affected Software1
Microsoft KB
Microsoft KB
added 1970/01/01 12:0 a.m.298 views

Microsoft security advisory: Updated support for Diffie-Hellman Key Exchange

None None...

6.1AI score
Exploits0
Rows per page
Query Builder