20 matches found
EUVD-2023-36923
Malicious code in bioql PyPI...
CVE-2023-32690
libspdm is a sample implementation that follows the DMTF SPDM specifications. Prior to versions 2.3.3 and 3.0, following a successful CAPABILITIES response, a libspdm Requester stores the Responder's CTExponent into its context without validation. If the Requester sends a request message that...
[SECURITY] Fedora 40 Update: sblim-cim-client-1.3.9.3-34.fc40
The purpose of this package is to provide a CIM Client Class Library for Java applications. It complies to the DMTF standard CIM Operations over HTTP and intends to be compatible with JCP JSR48 once it becomes available. To learn more about DMTF visit http://www.dmtf.org. More info about the Java...
Input validation
libspdm is a sample implementation that follows the DMTF SPDM specifications. Prior to versions 2.3.3 and 3.0, following a successful CAPABILITIES response, a libspdm Requester stores the Responder's CTExponent into its context without validation. If the Requester sends a request message that...
CVE-2023-32690
Summary: libspdm (DMTF SPDM) prior to versions 2.3.3 and 3.0 stores the responder’s CTExponent after a CAPABILITIES response without validation. If a cryptographic operation is later requested (e.g., CHALLENGE), the requester uses the unvalidated CTExponent to compute a timeout, enabling potentia...
CVE-2023-32690 Responder can Invoke Undefined Behavior in libspdm Requester
libspdm is a sample implementation that follows the DMTF SPDM specifications. Prior to versions 2.3.3 and 3.0, following a successful CAPABILITIES response, a libspdm Requester stores the Responder's CTExponent into its context without validation. If the Requester sends a request message that...
CVE-2023-32690 Responder can Invoke Undefined Behavior in libspdm Requester
libspdm is a sample implementation that follows the DMTF SPDM specifications. Prior to versions 2.3.3 and 3.0, following a successful CAPABILITIES response, a libspdm Requester stores the Responder's CTExponent into its context without validation. If the Requester sends a request message that...
CVE-2023-31127 DMTF-2023-0001: SPDM mutual authentication bypass
libspdm is a sample implementation that follows the DMTF SPDM specifications. A vulnerability has been identified in SPDM session establishment in libspdm prior to version 2.3.1. If a device supports both DHE session and PSK session with mutual authentication, the attacker may be able to establis...
CVE-2023-31127 DMTF-2023-0001: SPDM mutual authentication bypass
libspdm is a sample implementation that follows the DMTF SPDM specifications. A vulnerability has been identified in SPDM session establishment in libspdm prior to version 2.3.1. If a device supports both DHE session and PSK session with mutual authentication, the attacker may be able to establis...
[SECURITY] Fedora 20 Update: python-pycadf-0.5.1-1.fc20
DMTF Cloud Audit CADF data model...
Scientific Linux Security Update : sblim-cim-client2 on SL6.x (20120620)
The SBLIM Standards-Based Linux Instrumentation for Manageability CIM Common Information Model Client is a class library for Java applications that provides access to CIM servers using the CIM Operations over HTTP protocol defined by the DMTF Distributed Management Task Force standards. It was...
RedHat Update for sblim-cim-client2 RHSA-2012:0987-04
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Low: Red Hat Security Advisory: sblim-cim-client2 security update
Updated sblim-cim-client2 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...
Alert Standard Format / Remote Management and Control Protocol Detection
Binary data asfrmcpdetect.nbin...
CentOS Update for tog-pegasus CESA-2008:0002 centos4 i386
Check for the Version of tog-pegasus OpenVAS Vulnerability Test CentOS Update for tog-pegasus CESA-2008:0002 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Fedora Update for tog-pegasus FEDORA-2008-0572
Check for the Version of tog-pegasus OpenVAS Vulnerability Test Fedora Update for tog-pegasus FEDORA-2008-0572 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
CentOS 4 / 5 : tog-pegasus (CESA-2008:0002)
Updated tog-pegasus packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. The tog-pegasus packages provide OpenPegasus Web-Based Enterprise Management WBEM...
[SECURITY] Fedora 8 Update: tog-pegasus-2.6.1-3.fc8
OpenPegasus WBEM Services for Linux enables management solutions that deliv er increased control of enterprise resources. WBEM is a platform and resource independent DMTF standard that defines a common information model and communication protocol for monitoring and controlling resources from...
[SECURITY] Fedora 7 Update: tog-pegasus-2.6.0-3.fc7
OpenPegasus WBEM Services for Linux enables management solutions that deliv er increased control of enterprise resources. WBEM is a platform and resource independent DMTF standard that defines a common information model and communication protocol for monitoring and controlling resources from...
tog security update
CentOS Errata and Security Advisory CESA-2008:0002 Updated tog-pegasus packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. The tog-pegasus packages provide...