11 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-7069
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only fir...
Cactus Ransomware: New strain in the market
By Aishwarya Gentyal · July 11, 2024. Ransomware malware has been around for many years now and it continues to dominate the headlines. It's an attacker's top choice for cyber extortion and is one of the most active and profound threats facing...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to information exposure in OpenSSL (CVE-2022-2097)
Summary: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to information exposure in OpenSSL, caused by improper encryption of data by the AES OCB mode for 32-bit x86 platform (CVE-2022-2097). The OpenSSL component is included as part of the Base OS image that is used ...
PT-2021-20531 · Openssl +1 · Openssl +1
Name of the Vulnerable Software and Affected Versions: libtpms versions prior to 0.8.2. Description: A flaw in libtpms, specifically in its integration with OpenSSL, relates to the handling of the initialization vector (IV) when using certain symmetric ciphers. The issue causes the return of the...
Fedora 32 : php (2020-4fe6b116e5)
PHP version 7.4.11 (01 Oct 2020). Core: - Fixed bug php#79699 (PHP parses encoded cookie names so malicious `__Host-` cookies can be sent). (CVE-2020-7070) (Stas) - Fixed bug php#79979 (passing value to by-ref param via CUFA crashes). (cmb, Nikita) - Fixed bug php#80037 (Typed property must not be accessed before...
Fedora 33 : php (2020-4573f0e03a)
PHP version 7.4.11 (01 Oct 2020). Core: - Fixed bug php#79699 (PHP parses encoded cookie names so malicious `__Host-` cookies can be sent). (CVE-2020-7070) (Stas) - Fixed bug php#79979 (passing value to by-ref param via CUFA crashes). (cmb, Nikita) - Fixed bug php#80037 (Typed property must not be accessed before...
Zoom Client Trust Management Issue Vulnerability
Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. A trust management issue vulnerability exists in Zoom Client for Meetings version 4.6.11, which stems from the airhost.exe file initializing the SHA-256 hash value of the...
MySQL 5.7.x < 5.7.19 Multiple Vulnerabilities (RPM Check) (July 2017 CPU) (October 2017 CPU)
The version of MySQL running on the remote host is 5.7.x prior to 5.7.19. It is, therefore, affected by multiple vulnerabilities: - An unspecified flaw exists in the UDF component that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3529) - An unspecified...
MySQL 5.6.x < 5.6.37 Multiple Vulnerabilities (July 2017 CPU) (October 2017 CPU)
The version of MySQL running on the remote host is 5.6.x prior to 5.6.37. It is, therefore, affected by multiple vulnerabilities: - An unspecified flaw exists in the Memcached component that allows an unauthenticated, remote attacker to impact integrity and availability. (CVE-2017-3633) - Multiple...
MySQL 5.7.x < 5.7.19 Multiple Vulnerabilities (Jul 2017 CPU) (Oct 2017 CPU) (Jul 2019 CPU)
The version of MySQL running on the remote host is 5.7.x prior to 5.7.19. It is, therefore, affected by multiple vulnerabilities: - An unspecified flaw exists in the UDF component that allows an authenticated, remote attacker to cause a denial of service condition. (CVE-2017-3529) - An unspecified...
[SECURITY] Fedora 21 Update: openvpn-2.3.6-1.fc21
OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumer's LZO library for...