EUVD-2015-1210

Malware in sbrugna...

EUVD-2015-0176

Malware in sbrugna...

EUVD-2015-2412

Malware in sbrugna...

rapidscan

This is a Python-based web vulnerability scanner called RapidScan. It is designed to automate the process of security scanning by using a multitude of available Linux security tools and some custom scripts. The tool is still under development and currently supports around 80 vulnerability tests...

Teraleak: Pokémon Developer Game Freak Hacked; Decades of Data Leaked

Game Freak's "Teraleak" appears to expose nearly 1 terabyte of sensitive Pokémon data, including source code, cancelled games,…...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Content Manager Enterprise Edition ((CVE-2015-0410, CVE-2014-6593, CVE-2015-0383, CVE-2015-0138))

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 5 and 7, that is used by Content Manager Enterprise Edition. These issues were disclosed as part of the IBM Java SDK updates in January 2015. This bulletin also addresses the “FREAK: Factorin...

DTLS: Deprecated DTLSv1.0 Detection

It was possible to detect the usage of the deprecated DTLSv1.0 protocol on this system. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM BladeCenter Advanced Management Module (CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, and CVE-2015-0206)

Summary OpenSSL vulnerabilities were disclosed on January 8, 2015 by the OpenSSL Project. This includes "FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability. OpenSSL is used by IBM BladeCenter Advanced Management Module AMM. AMMhas addressed the applicable CVEs...

Security Bulletin: Vulnerabilities in IBM Java SDK affects IBM SAN Volume Controller and Storwize Family (CVE-2015-0488, CVE-2015-2808, CVE-2015-1916, CVE-2015-0204)

Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 that is used by IBM SAN Volume Controller and Storwize Family. These issue was disclosed as part of the IBM Java SDK updates in Apr 2015. Vulnerability Details CVEID:CVE-2015-0488 DESCRIPTION: An...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Bluemix Workflow

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7.1 that is used by Bluemix Workflow. These issues were disclosed as part of the IBM Java SDK updates in January 2015. This bulletin also addresses the “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL...

Security Bulletin: Vulnerabilities in OpenSSL affect Bluemix Workflow (CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-204, CVE-2015-205, CVE-2015-206)

Summary OpenSSL vulnerabilities were disclosed on January 8, 2015 by the OpenSSL Project. This includes the vulnerability that has been referred to as “FREAK”. OpenSSL is used by Bluemix Workflow for internal communication. Bluemix Workflow has addressed the applicable CVEs. Vulnerability Details...

SUSE CVE-2015-0138

GSKit in IBM Tivoli Directory Server ITDS 6.0 before 6.0.0.73-ISS-ITDS-IF0073, 6.1 before 6.1.0.66-ISS-ITDS-IF0066, 6.2 before 6.2.0.42-ISS-ITDS-IF0042, and 6.3 before 6.3.0.35-ISS-ITDS-IF0035 and IBM Security Directory Server ISDS 6.3.1 before 6.3.1.9-ISS-ISDS-IF0009 does not properly restrict T...

SUSE CVE-2015-0204

The ssl3getkeyexchange function in s3clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORTRSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to...

SUSE CVE-2015-2319

The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORTRSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204...

SA40015 - OpenSSL security advisory for January 8th, 2015 (including SSL "FREAK" issue)

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On January 8th 2015, the OpenSSL project released a security advisory. This advisory included eight 8 new CVEs. This article will describe the vulnerability and fix status for the Puls...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IMS™ Enterprise Suite: Connect API for Java, SOAP Gateway, and Explorer for Development (CVE-2015-0138, CVE-2015-0410, CVE-2014-6593)

Abstract There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, IBM SDK, Java Technology Edition, Version 7 Service Refresh 8 that is used the following IMS™ Enterprise Suite components: Connect API for Java, SOAP Gateway, and Explorer for Development. These issues were disclose...

Security Bulletin: Vulnerability with RSA Export Keys May Affect IBM WebSphere Application Server on Asset and Service Management (CVE-2015-0138)

Summary The “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability CVE-2015-0138 may affect some configurations of IBM WebSphere Application Server Full Profile, IBM WebSphere Application Server Liberty Profile, and IBM WebSphere Application Server Hypervisor Edition...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Asset and Service Management

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 5, 6, 7, and 8 that are used by Maximo Asset Management, Maximo Asset Management Essentials, Maximo Asset Management for Energy Optimization, Maximo Industry Solutions including Maximo for Government, Maximo...

Security Bulletin: Vulnerability in IBM WebSphere Application Server affects WebSphere Process Server and WebSphere Process Server Hypervisor Editions (CVE-2015-0138)

Summary The “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability affects IBM WebSphere Application Server Full Profile and IBM WebSphere Application Server Hypervisor Edition that is used by WebSphere Process Server and WebSphere Process Server Hypervisor Editions...

Security Bulletin: Multiple vulnerabilities in the IBM SDK for Java™ Technology Edition April 2015 CPU affect WebSphere Process Server

Summary There are multiple vulnerabilities in IBM SDK for Java™ Technology Edition that is used by WebSphere Process Server. These issues were disclosed as part of the IBM SDK for Java Technology Edition updates in April 2015. Vulnerability Details CVEID: CVE-2015-0488 DESCRIPTION: An unspecified...