11 matches found
EUVD-2025-34827
In the ConnectWise Automate Agent, communications could be configured to use HTTP instead of HTTPS. In such cases, an on-path threat actor with a man-in-the-middle network position could intercept, modify, or replay agent-server traffic. Additionally, the encryption method used to obfuscate some...
CVE-2025-11492
In the ConnectWise Automate Agent, communications could be configured to use HTTP instead of HTTPS. In such cases, an on-path threat actor with a man-in-the-middle network position could intercept, modify, or replay agent-server traffic. Additionally, the encryption method used to obfuscate some...
SUSE: Security Advisory (SUSE-SU-2024:3404-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Kerberos vulnerability (USN-7542-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7542-1 advisory. It was discovered that Kerberos allowed the usage of weak cryptographic standards. An attacker could...
SUSE CVE-2016-2106
Integer overflow in the EVPEncryptUpdate function in crypto/evp/evpenc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service heap memory corruption via a large amount of data...
PT-2020-9625 · Red Hat · Business Central
Name of the Vulnerable Software and Affected Versions: business-central as shipped in rhdm-7.5.1 business-central as shipped in rhpam-7.5.1 Description: A vulnerability was found in business-central where encoded passwords are stored in errai security context. The encoding used for storing the...
openssl: EVP_EncryptUpdate overflow
An integer overflow flaw, leading to a buffer overflow, was found in the way the EVPEncryptUpdate function of OpenSSL parsed very large amounts of input data. A remote attacker could use this flaw to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of t...
ALPINE-CVE-2016-2106
Integer overflow in the EVPEncryptUpdate function in crypto/evp/evpenc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service heap memory corruption via a large amount of data...
DEBIAN-CVE-2016-2106
Integer overflow in the EVPEncryptUpdate function in crypto/evp/evpenc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service heap memory corruption via a large amount of data...
[slackware-security] gaim updated again
A couple of bugs were found in the gaim 0.82 release, and gaim-0.82.1 was released to fix them. In addition, gaim-encryption-2.29 did not work with gaim-0.82 due to changes in the header files, so the gaim-encryption plugin has also been updated to gaim-encryption-2.30. Here are the details from...
MiraMail 1.04 can give POP account access and details
Released: January 9, 2002 Discovered: January 3, 2002 by Chris Lathem [email protected] Program Overview: MiraMail is a fairly new program to the market, and is intended to be used as a news server. It is developed and maintained by Nevrona Designs. For more information please see...