18 matches found
EUVD-2023-44108
Malicious code in bioql PyPI...
TencentOS Server 3: edk2 (TSSA-2024:0076)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0076 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Linux Distros Unpatched Vulnerability : CVE-2022-4450
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The function PEM_read_bio_ex reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function...
Azure Linux 3.0 Security Update: cloud-hypervisor-cvm / edk2 / hvloader / kata-containers / kata-containers-cc / nodejs (CVE-2023-5678)
The version of cloud-hypervisor-cvm / edk2 / hvloader / kata-containers / kata-containers-cc / nodejs installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5678 advisory. - Issue summary: Generating...
Azure Linux 3.0 Security Update: cloud-hypervisor-cvm / edk2 / hvloader / nodejs / nodejs18 / openssl (CVE-2024-4603)
The version of cloud-hypervisor-cvm / edk2 / hvloader / nodejs / nodejs18 / openssl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4603 advisory. - Issue summary: Checking excessively long DSA ke...
N-MDM -- Impact of CVE-2024-4603 on N-MDM and N-MDM connector
Issue Summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVP_PKEY_param_check or EVP_PKEY_public_check to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...
CentOS 8 : openssl (CESA-2023:7877)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:7877 advisory. - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check, DH_check...
OpenSSL 1.0.2 < 1.0.2zj Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 1.0.2zj. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.2zj advisory. - Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service...
Design/Logic Flaw
Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key to generate an X9.42 DH key may experience long delays. Likewise, applications that use...
CVE-2023-5678
Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key to generate an X9.42 DH key may experience long delays. Likewise, applications that use...
Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2023-2890)
The remote host is missing an update for the Huawei EulerOS...
CVE-2023-3817 Excessive time spent checking DH q parameter value
Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check, DH_check_ex or EVP_PKEY_param_check to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been...
OpenSSL 1.0.2 < 1.0.2zi Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 1.0.2zi. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.2zi advisory. - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the...
K22334603: OpenSSL vulnerability CVE-2016-0799
Security Advisory Description: The fmtstr function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g improperly calculates string lengths, which allows remote attackers to cause a denial of service (overflow and out-of-bounds read) or possibly have unspecified other impac...
CVE-2022-4450 Double free after calling PEM_read_bio_ex
The function PEM_read_bio_ex reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data...
openSUSE 15 Security Update : openssl-1_0_0 (openSUSE-SU-2021:2994-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:2994-1 advisory. - ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field...
openSUSE Security Update : bind (bind-426)
This update improves the verification of return values of OpenSSL functions. Prior to this update it was possible to spoof answers signed with DSA and NSEC3DSA. (CVE-2009-0025)
openSUSE Security Update : bind (bind-426)
This update improves the verification of return values of OpenSSL functions. Prior to this update it was possible to spoof answers signed with DSA and NSEC3DSA. (CVE-2009-0025)