Low: Red Hat Security Advisory: Logging Subsystem 5.8.1- Red Hat OpenShift security update

An update is now available for RHOL-5.8-RHEL-9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the Reference...

CVE-2023-50442

Encrypted folders created by PRIMX ZONECENTRAL through 2023.5 can be modified by a local attacker with appropriate privileges so that specific file types are excluded from encryption temporarily. This modification can, however, be detected, as described in the Administrator Guide...

CVE-2023-50441

Encrypted folders created by PRIMX ZONECENTRAL for Windows before Q.2021.2 ANSSI qualification submission or ZONECENTRAL for Windows before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger outbound network traffic from computers on which...

PRIMX ZONECENTRAL Security Vulnerability

PRIMX ZONECENTRAL is an application from PRIMX USA. uses encryption to provide confidentiality services that apply to all documents of an organization. A security vulnerability exists in PRIMX ZONECENTRAL version 2023.5 and prior versions. An attacker could exploit the vulnerability to modify the...

CVE-2023-50443

CVE-2023-50443 affects PRIMX CRYHOD for Windows (versions prior to Q.2020.4 and prior to 2023.5). Root cause: an unauthenticated attacker can modify encrypted disks to inject a UNC reference, causing the host to initiate outbound network traffic when such disks are opened. Impact is outbound traf...

CVE-2023-50444

CVE-2023-50444 affects PRIMX ZED! and related products where default containers include an encrypted version of sensitive user information. According to the sources, affected items include: ZED! for Windows before Q.2020.3; ZED! for Windows before Q.2021.2; ZONECENTRAL for Windows before Q.2021.2...

CVE-2023-50443

Encrypted disks created by PRIMX CRYHOD for Windows before Q.2020.4 ANSSI qualification submission or CRYHOD for Windows before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger outbound network traffic from computers on which disks are open...

CVE-2023-50441

Encrypted folders created by PRIMX ZONECENTRAL for Windows before Q.2021.2 ANSSI qualification submission or ZONECENTRAL for Windows before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger outbound network traffic from computers on which...

PT-2023-31549 · Primx · Primx Zonecentral For Windows

Name of the Vulnerable Software and Affected Versions: PRIMX ZONECENTRAL for Windows versions prior to Q.2021.2 PRIMX ZONECENTRAL for Windows versions prior to 2023.5 Description: Encrypted folders created by PRIMX ZONECENTRAL for Windows can be modified by an unauthenticated attacker to include ...

CVE-2023-50444

By default, .ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 ANSSI qualification submission; ZED! for Windows before Q.2021.2 ANSSI qualification submission; ZONECENTRAL for Windows before Q.2021.2 ANSSI qualification submission; ZONECENTRAL for Windows before 2023.5; ZEDMAIL fo...

ProLion CryptoSpike Security Vulnerability

ProLion CryptoSpike is ProLion's solution for detecting and combating suspicious activity. A security vulnerability exists in ProLion CryptoSpike version 3.0.15P2 that stems from the use of hard-coded encrypted private keys that sign JWT authentication tokens...

The vulnerability of the ALEOS operating system’s debugging mode in wireless routers from Sierra Wireless—MP70, RV50x, RV55, LX40, LX60 ES450, GX450—allows a hacker to gain unauthorized access to protected information.

The vulnerability of the ALEOS operating system’s debugging mode for Sierra Wireless’ wireless routers—MP70, RV50x, RV55, LX40, LX60 ES450, GX450—is related to the use of strictly encrypted credentials. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected...

PT-2023-8385 · Linux +9 · Linux Kernel +9

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: An out-of-bounds memory read flaw was found in the receive encrypted standard function in the SMB Client sub-component of the Linux Kernel. This issue occurs due to integer underflow o...

CVE-2023-45866

Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such...

Code injection

Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such...

SUSE CVE-2023-45866

Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such...

Fedora 39 : bluez (2023-6a3fe615d3)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-6a3fe615d3 advisory. Install default input.conf/network.conf Add mitigation for CVE-2023-45866 Tenable has extracted the preceding description block directly from the Fedora...

CVE-2023-45866

Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such...

CVE-2023-45866

Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such...

End-to-End Encrypted Instagram and Messenger Chats: Why It Took Meta 7 Years

Mark Zuckerberg personally promised that the privacy feature would launch by default on Messenger and Instagram chat. WIRED goes behind the scenes of the company’s colossal effort to get it right...