145 matches found
EulerOS 2.0 SP10 : shim (EulerOS-SA-2023-1962)
According to the versions of the shim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an...
Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2023-1984)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP10 : shim (EulerOS-SA-2023-1984)
According to the versions of the shim package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an...
RHEL 8 : edk2 (RHSA-2023:2932)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2932 advisory. EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware f...
RHEL 9 : edk2 (RHSA-2023:2165)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2165 advisory. EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware f...
Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2023-1853)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 9 : edk2 (RHSA-2023:2022)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:2022 advisory. EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU a...
Oracle Linux 6 : openssl (ELSA-2023-12297)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12297 advisory. - Backport fixes for CVE-2023-0286 Orabug: 35212597 - Fix possible infinite loop in BNmodsqrt CVE-2022-0778Orabug: 33969800 - Backport fixes for CVE-2020-1971...
FreeBSD : py-cryptography -- includes a vulnerable copy of OpenSSL (c1a8ed1c-2814-4260-82aa-9e37c83aac93)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c1a8ed1c-2814-4260-82aa-9e37c83aac93 advisory. - There is a type confusion vulnerability relating to X.400 address processing inside an X.509...
RLSA-2023:1405 Important: openssl security update
OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: X.400 address type confusion in X.509 GeneralName CVE-2023-0286 openssl: timing attack in RSA...
openssl security update
1:1.1.1k-9 - Fixed Timing Oracle in RSA Decryption Resolves: CVE-2022-4304 - Fixed Double free after calling PEMreadbioex Resolves: CVE-2022-4450 - Fixed Use-after-free following BIOnewNDEF Resolves: CVE-2023-0215 - Fixed X.400 address type confusion in X.509 GeneralName Resolves: CVE-2023-0286...
openssl: X.400 address type confusion in X.509 GeneralName
A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled for example, the application sets the X509VFLAGCRLCHECK flag, this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call,...
Important: Red Hat Security Advisory: openssl security update
An update for openssl is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
openssl: X.400 address type confusion in X.509 GeneralName
A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled for example, the application sets the X509VFLAGCRLCHECK flag, this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call,...
openssl: X.400 address type confusion in X.509 GeneralName
A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled for example, the application sets the X509VFLAGCRLCHECK flag, this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call,...
Important: Red Hat Security Advisory: openssl security update
An update for openssl is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
openssl: X.400 address type confusion in X.509 GeneralName
A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled for example, the application sets the X509VFLAGCRLCHECK flag, this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call,...
Important: Red Hat Security Advisory: openssl security update
An update for openssl is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...
Important: Red Hat Security Advisory: openssl security update
An update for openssl is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
openssl: X.400 address type confusion in X.509 GeneralName
A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled for example, the application sets the X509VFLAGCRLCHECK flag, this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call,...