Inadequate Encryption Strength

Overview github.com/pion/dtls is a DTLS 1.2 Server/Client implementation for Go. Affected versions of this package are vulnerable to Inadequate Encryption Strength due to the use of the random nonce generation with AES GCM ciphers. An attacker can obtain the authentication key and spoof data by...

EUVD-2022-28486

Malicious code in bioql PyPI...

Mageia: Security Advisory (MGASA-2015-0115)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-23408

wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects connections without AEAD using AES-CBC or DES3 with TLS 1.1 or 1.2 or DTLS 1.1 or 1.2. This occurs because of misplaced memory initialization in BuildMessage in internal.c...

Information disclosure

wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects connections without AEAD using AES-CBC or DES3 with TLS 1.1 or 1.2 or DTLS 1.1 or 1.2. This occurs because of misplaced memory initialization in BuildMessage in internal.c...

CVE-2022-23408

wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects connections without AEAD using AES-CBC or DES3 with TLS 1.1 or 1.2 or DTLS 1.1 or 1.2. This occurs because of misplaced memory initialization in BuildMessage in internal.c...

CVE-2022-23408

wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects connections without AEAD using AES-CBC or DES3 with TLS 1.1 or 1.2 or DTLS 1.1 or 1.2. This occurs because of misplaced memory initialization in BuildMessage in internal.c...

CVE-2022-23408

CVE-2022-23408 affects wolfSSL 5.x before 5.1.1, where non-random IV values are used in certain situations. The vulnerability arises from misplaced memory initialization in BuildMessage in internal.c, impacting connections that do not use AEAD and rely on AES-CBC or DES3 with TLS 1.1/1.2 or DTLS ...

openSUSE Security Update : MozillaFirefox (openSUSE-2014-476)

MozillaFirefox was updated to version 31 to fix various security issues and bugs : - MFSA 2014-56/CVE-2014-1547/CVE-2014-1548 Miscellaneous memory safety hazards - MFSA 2014-57/CVE-2014-1549 bmo1020205 Buffer overflow during Web Audio buffering for playback - MFSA 2014-58/CVE-2014-1550 bmo1020411...

openSUSE Security Update : openSUSE-2014- (openSUSE-2014--1)

MozillaFirefox was updated to version 31 to fix various security issues and bugs : - MFSA 2014-56/CVE-2014-1547/CVE-2014-1548 Miscellaneous memory safety hazards - MFSA 2014-57/CVE-2014-1549 bmo1020205 Buffer overflow during Web Audio buffering for playback - MFSA 2014-58/CVE-2014-1550 bmo1020411...