EUVD-2021-13690

Malware in sbrugna...

CVE-2025-36582

Dell NetWorker, versions 19.12.0.1 and prior, contains a Selection of Less-Secure Algorithm During Negotiation 'Algorithm Downgrade' vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure...

CVE-2024-39545 Junos OS: SRX Series, MX Series with SPC3 and NFX350: When VPN tunnels parameters are not configured in specific way the iked process will crash

An Improper Check for Unusual or Exceptional Conditions vulnerability in the the IKE daemon iked of Juniper Networks Junos OS on SRX Series, MX Series with SPC3 and NFX350 allows allows an unauthenticated, network-based attacker sending specific mismatching parameters as part of the IPsec...

Microsoft SPNEGO Extended Negotiation 安全漏洞

Microsoft SPNEGO Extended Negotiation is a SPNEGO extension from Microsoft Corporation USA. A security vulnerability exists in Microsoft SPNEGO Extended Negotiation. The following products and editions are affected: Windows 8.1 for x64-based systems,Windows RT 8.1,Windows Server 2008 R2 for...

MGASA-2021-0118 Updated openssh packages fix a security vulnerability

The client side in OpenSSH 5.7 through 8.3 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts where no host key for the server has been cached by the client CVE-2020-14145...

IBM Cloud Pak for Security Weak Encryption Algorithm Vulnerability

IBM Cloud Pak for Security is an integrated security tool that uses a unified interface to provide deep insight into threats in hybrid multi-cloud environments. A weak cryptographic algorithm vulnerability exists in IBM Cloud Pak for Security 1.3.0.1. The vulnerability stems from the product usin...

CVE-2020-4624

IBM Cloud Pak for Security 1.3.0.1 CP4S uses weaker than expected cryptographic algorithms during negotiation could allow an attacker to decrypt sensitive information...

Debian DLA-1662-1 : libthrift-java security update

It was discovered that it was possible to bypass SASL negotiation isComplete validation in libthrift-java, Java language support for the Apache Thrift software framework. An assert used to determine if the SASL handshake had successfully completed could be disabled in production settings making t...

CVE-2016-6415

The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association SA negotiation request, aka Bu...

DEBIAN-CVE-2013-7441

The modern style negotiation in Network Block Device nbd-server 2.9.22 through 3.3 allows remote attackers to cause a denial of service root process termination by 1 closing the connection during negotiation or 2 specifying a name for a non-existent export...