CLSA-2026-1779101894 opensc: Fix of CVE-2023-40661

CVE-2023-40661: fix multiple smartcard pkcs15init buffer overflows, underflows and out-of-bounds writes scpkcs15initrmdir, setcoscreatekey, cosmnewfile, cosmcreatekey, scpkcs15getlastupdate, iasecc-sdo, entersafe, epass2003 keygen...

MiracleLinux 9 : nodejs-16.17.1-1.el9 (AXSA:2022-4091:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4091:01 advisory. nodejs: weak randomness in WebCrypto keygen CVE-2022-35255 nodejs: HTTP Request Smuggling due to incorrect parsing of header fields CVE-2022-35256...

MiracleLinux 9 : jss-5.3.0-1.el9, ldapjdk-5.3.0-1.el9, pki-core-11.3.0-1.el9, tomcatjss-8.3.0-1.el9 (AXSA:2023-5762:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5762:01 advisory. pki-core: When using the caServerKeygenDirUserCert profile, user can get certificates for other UIDs by entering name in Subject field CVE-2022-2393 Tenable...

CVE-2020-12118

The keygen protocol implementation in Binance tss-lib before 1.2.0 allows attackers to generate crafted h1 and h2 parameters in order to compromise a signing round or obtain sensitive information from other parties...

EUVD-2021-1252

Malware in sbrugna...

EUVD-2009-3252

Malware in sbrugna...

EUVD-2011-2782

Malware in sbrugna...

EUVD-2001-0259

Malware in sbrugna...

EUVD-2018-0017

Malware in sbrugna...

EUVD-2009-3251

Malware in sbrugna...

EUVD-2014-3227

Malware in sbrugna...

EUVD-2010-2459

Malware in sbrugna...

EUVD-2022-38146

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2020-13131

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Yubico libykpiv before 2.1.0. lib/util.c in this library which is included in yubico-piv-tool does not properly check embedded length...

Linux Distros Unpatched Vulnerability : CVE-2018-16837

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ansible User module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials...

CVE-2021-32673

reg-keygen-git-hash-plugin is a reg-suit plugin to detect the snapshot key to be compare with using Git commit hash. reg-keygen-git-hash-plugin through and including 0.10.15 allow remote attackers to execute of arbitrary commands. Upgrade to version 0.10.16 or later to resolve this issue...

SUSE SLES15 Security Update : openssl-3 (SUSE-SU-2025:1516-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:1516-1 advisory. - CVE-2024-6119: Fixed denial of service in X.509 name checks bsc1229465 Other fixes: - FIPS: Deny SHA-1 signature verification in FIPS provider...

SUSE-SU-2025:1516-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2024-6119: Fixed denial of service in X.509 name checks bsc1229465 Other fixes: - FIPS: Deny SHA-1 signature verification in FIPS provider bsc1221365. - FIPS: RSA keygen PCT requirements. - FIPS: Check that the fips provider is available...

gnutls security update

3.6.16-8.3fips - Allow RSA keygen with modulus sizes bigger than 3072 bits and validate the seed length as defined in FIPS 186-4 section B.3.2 Orabug: 33200526 - Allow bigger known RSA modulus sizes when calling rsageneratefips1864keypair directly Orabug: 33200526 - Change Epoch from 1 to 10...

Linux Distros Unpatched Vulnerability : CVE-2015-3405

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest...