Lucene search
K

116 matches found

Schneier on Security
Schneier on Security
added 2024/08/15 3:37 p.m.8 views

NIST Releases First Post-Quantum Encryption Algorithms

From the Federal Register: After three rounds of evaluation and analysis, NIST selected four algorithms it will standardize as a result of the PQC Standardization Process. The public-key encapsulation mechanism selected was CRYSTALS-KYBER, along with three digital signature schemes:...

7.3AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2024/08/06 1:0 p.m.8 views

Rapid7’s Ransomware Radar Report Shows Threat Actors are Evolving …Fast.

Few issues keep cybersecurity professionals up at night more than the threat of ransomware. The ubiquity of targets, the relative organization of threat actors, and their multiple paths of entry make combating ransomware particularly formidable. But there is one more facet to this threat that mak...

7.2AI score
Exploits0
Filippo.io
Filippo.io
added 2024/07/17 2:39 p.m.15 views

age Plugins

age is a file encryption tool, library, and format. It lets you encrypt files to “recipients” and decrypt them with “identities”. $ age-keygen -o key.txt Public key: age1ql3z7hjy54pw3hyww5ayyfg7zqgvc7w3j2elw8zmrj2kg5sfn9aqmcac8p $ tar cvz /data | age -r...

7.1AI score
Exploits0
CNNVD
CNNVD
added 2024/07/02 12:0 a.m.5 views

Dell PowerScale OneFS 加密问题漏洞

Dell PowerScale OneFS is an operating system from Dell USA. PowerScale OneFS operating system that provides horizontal scaling of NAS. Dell PowerScale OneFS suffers from a cryptographic issue vulnerability that arises from the inclusion of the use of corrupted or risky encryption algorithms. An...

7.5CVSS6.7AI score0.00205EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.5 views

Dell PowerScale OneFS 加密问题漏洞

Dell PowerScale OneFS is a proprietary operating system developed by Dell for its PowerScale horizontally scalable NAS network attached storage solution. Dell PowerScale OneFS has a cryptographic issue vulnerability that arises from the presence of a vulnerability in the use of corrupted or risky...

7.5CVSS6.5AI score0.0044EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/04/19 12:0 a.m.51 views

EulerOS Virtualization 2.10.1 : libssh2 (EulerOS-SA-2024-1548)

According to the versions of the libssh2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attacke...

5.9CVSS7.1AI score0.9378EPSS
Exploits4References2
CNNVD
CNNVD
added 2024/02/10 12:0 a.m.3 views

IBM Semeru Runtime Encryption Issue Vulnerability

IBM Semeru Runtime is a Java Runtime Environment JRE from International Business Machines IBM. IBM Semeru Runtime suffers from a cryptographic issue vulnerability that stems from the use of weaker-than-expected encryption algorithms that could allow an attacker to decrypt highly sensitive...

7.5CVSS6.5AI score0.00323EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/01/31 12:0 a.m.109 views

CentOS 8 : libssh (CESA-2024:0628)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2024:0628 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks...

5.9CVSS7.1AI score0.9378EPSS
Exploits4References2
Veracode
Veracode
added 2023/12/22 5:25 a.m.19 views

Weak Cryptography

blinksocks is vulnerable to Sensitive Information Disclosure. The vulnerability is due to the usage of weak encryption algorithms and fixed initialization vectors IV within /presets/ssr-auth-chain.js. This issue can be exploited by an attacker to disclose sensitive encrypted information via brute...

7.5CVSS6.2AI score0.00274EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/12/21 11:15 a.m.19 views

CVE-2023-50481

An issue was discovered in blinksocks version 3.3.8, allows remote attackers to obtain sensitive information via weak encryption algorithms in the component /presets/ssr-auth-chain.js...

7.5CVSS7.3AI score0.00274EPSS
Exploits0References2
CVE
CVE
added 2023/12/21 12:0 a.m.49 views

CVE-2023-50481

CVE-2023-50481 affects blinksocks 3.3.8. The vulnerability is in the component /presets/ssr-auth-chain.js, due to the use of weak encryption algorithms (and fixed IVs) that can disclose sensitive information. Impact is described as sensitive information disclosure; no exploit details are provided...

7.5CVSS7.2AI score0.00274EPSS
Exploits0References2Affected Software1
The Hacker News
The Hacker News
added 2023/08/18 6:51 a.m.52 views

Google Chrome's New Feature Alerts Users About Auto-Removal of Malicious Extensions

Google has announced plans to add a new feature in the upcoming version of its Chrome web browser to proactively alert users when an extension they have installed has been removed from the Chrome Web Store. The feature, set for release alongside Chrome 117, allows users to be notified when an...

6.8AI score
Exploits0
CNNVD
CNNVD
added 2023/08/09 12:0 a.m.6 views

HCL DRYiCE iAutomate Encryption Issue Vulnerability

HCL Technologies DRYiCE MyCloud is a Hybrid Cloud Lifecycle Management product from HCL Technologies, USA. A security vulnerability exists in HCL DRYiCE iAutomate that stems from the use of broken encryption algorithms...

7.1CVSS6.8AI score0.00101EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/06/23 12:0 a.m.3 views

IBM QRadar SIEM 加密问题漏洞

IBM QRadar SIEM is a solution from International Business Machines IBM that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user...

7.5CVSS7.7AI score0.00388EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2023/04/12 12:0 a.m.18 views

Linux: BSI TR-02102-4 Encryption Algorithms

Recommended SSH encryption ciphers from TR-02102-4. Per the recommendations, AEADAES128GCM or AEADAES256GCM should be utilized when possible. Other ciphers accepted by the recommendations are aes128-ctr, aes192-ctr, and aes256-ctr. Note: This check fails if any algorithms are found that are not...

5.9AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/03/28 12:0 a.m.5 views

The vulnerability of GnuPG’s information encryption and digital signatures software lies in its weak encryption methods, allowing attackers to gain access to confidential data.

The vulnerability of GnuPG’s information encryption and digital signatures lies in the use of weak encryption algorithms. Exploiting this vulnerability could allow a remote attacker to gain access to confidential data...

7.8CVSS6.3AI score0.0105EPSS
Exploits1References11Affected Software3
CNVD
CNVD
added 2023/02/17 12:0 a.m.29 views

Dell EMC Unity Encryption Issue Vulnerability

Dell EMC Unity is a unified storage array product from Dell, a U.S. company. versions prior to Dell EMC Unity 5.2.0.0.5.173 have an encryption issue vulnerability that stems from the use of corrupted encryption algorithms, which can be exploited by a remote, unauthenticated attacker to obtain...

5.9CVSS4.5AI score0.00451EPSS
Exploits0References1
CNVD
CNVD
added 2023/02/08 12:0 a.m.25 views

IBM Security Verify Governance Encryption Issue Vulnerability

IBM Security Verify Governance, an intelligent identity access platform from International Business Machines IBM, Inc. provides organizations with a platform to analyze, define and control user access and access risks. IBM Security Verify Governanc has an encryption issue vulnerability that stems...

7.5CVSS2.1AI score0.00478EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2022/07/06 5:19 p.m.41 views

NIST Announces First Four Quantum-Resistant Cryptographic Algorithms

The U.S. Department of Commerce's National Institute of Standards and Technology NIST has chosen the first set of quantum-resistant encryption algorithms that are designed to "withstand the assault of a future quantum computer." The post-quantum cryptography PQC technologies include the...

Exploits0
CNVD
CNVD
added 2022/07/05 12:0 a.m.344 views

OpenSSL RSA Component Remote Code Execution Vulnerability

OpenSSL is an open source Openssl team's general-purpose cryptographic library capable of implementing Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. The product supports multiple encryption algorithms, including symmetric ciphers, hashing algorithms, secure hashing...

10CVSS3.5AI score0.44881EPSS
Exploits3References1
Rows per page
Query Builder