Fedora 43 : perl-CryptX (2026-3e1f671a17)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3e1f671a17 advisory. 0.088 2026-04-23 - Crypt::KeyDerivation - new functions: pbkdf1openssl, bcryptpbkdf, scryptpbkdf, argon2pbkdf - Crypt::Misc - new functions: randomv7uuid,...

Security update for openssl-1_1

This update for openssl-11 fixes the following issues: CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation bsc1236136. Other bugfixes: Non approved PBKDF parameters wrongly resulting as approved bsc1236771. Patch Instructions: To install this SUSE update use the SUSE...

SUSE-SU-2025:0613-3 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation bsc1236136. Other bugfixes: - Non approved PBKDF parameters wrongly resulting as approved bsc1236771...

SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2025:0613-2)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:0613-2 advisory. - CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation bsc1236136. Other bugfixes: - Non approved PBKDF parameters wrongly...

Security update for openssl-1_1

This update for openssl-11 fixes the following issues: CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation bsc1236136. Other bugfixes: Non approved PBKDF parameters wrongly resulting as approved bsc1236771. Patch Instructions: To install this SUSE update use the SUSE...

Security update for openssl-1_1

This update for openssl-11 fixes the following issues: CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation bsc1236136. Other bugfixes: Non approved PBKDF parameters wrongly resulting as approved bsc1236771. Patch Instructions: To install this SUSE update use the SUSE...

SUSE-SU-2025:0613-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation bsc1236136. Other bugfixes: - Non approved PBKDF parameters wrongly resulting as approved bsc1236771...

SUSE-SU-2022:2533-2 Security update for mozilla-nss

This update for mozilla-nss fixes the following issues: Various FIPS 140-3 related fixes were backported from SUSE Linux Enterprise 15 SP4: - Makes the PBKDF known answer test compliant with NIST SP800-132. bsc1192079. - FIPS: Add on-demand integrity tests through sftkFIPSRepeatIntegrityCheck...

GFI Mail Archiver 15.1 - Telerik UI Component Arbitrary File Upload (Unauthenticated) Exploit

Exploit Title: GFI Mail Archiver 15.1 - Telerik UI Component Arbitrary File Upload Unauthenticated Exploit Author: Amin Bohio Original Research & Code By: Paul Taylor / Foregenix Ltd Original Exploit: https://github.com/bao7uo/RAUcrypto Vendor Homepage: https://www.gfi.com Software Link:...

CVE-2020-8434

Jenzabar JICS aka Internet Campus Solution before 9.0.1 Patch 3, 9.1 before 9.1.2 Patch 2, and 9.2 before 9.2.2 Patch 8 has session cookies that are a deterministic function of the username. There is a hard-coded password to supply a PBKDF feeding into AES to encrypt a username and base64 encode ...

Hardcoded credentials

Jenzabar JICS aka Internet Campus Solution before 9.0.1 Patch 3, 9.1 before 9.1.2 Patch 2, and 9.2 before 9.2.2 Patch 8 has session cookies that are a deterministic function of the username. There is a hard-coded password to supply a PBKDF feeding into AES to encrypt a username and base64 encode ...

bip32key (>=0.1.0 <=0.1.2), bitcoin-utils (>=0.0.1 <=0.4.1) +38 more potentially affected by CVE-2019-14859 via ecdsa (>=0.13.0 <=0.13.2)

ecdsa PYPI version =0.13.0, =0.1.0, =0.0.1, =0.1.1, =1.1.0, =0.0.1, =0.4.3, =0.2.0, =1.0.0, =0.1.0, =0.1.0, =0.1.2, =0.1.1.dev0, =0.1.0, =0.1.4 - funkapi =0.1.5 and more Source cves: CVE-2019-14859 Source advisory: OSV:PYSEC-2020-163...