Lucene search
K

279 matches found

Intel
Intel
added 2024/08/13 12:0 a.m.14 views

Intel® IPP Software Advisory

Summary: A potential security vulnerability in some Intel® Integrated Performance Primitives Intel® IPP software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2024-28887 Description: Uncontrolled...

7.8CVSS7.1AI score0.0014EPSS
Exploits0
OSV
OSV
added 2024/06/01 12:0 a.m.15 views

PUB-A-308436769

Cryptographic vulnerability in standard crypto primitives that allows leaking of plaintext not primitives used in TLS...

7.5CVSS6.8AI score0.00386EPSS
Exploits0References1
Mageia
Mageia
added 2024/05/31 3:15 p.m.33 views

Updated netatalk packages fix security vulnerability

The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting these combination of primitives, an attacker can execute arbitrary code...

10CVSS7.1AI score0.02656EPSS
Exploits0References2
AlmaLinux
AlmaLinux
added 2024/05/22 12:0 a.m.33 views

Moderate: python3.11-cryptography security update

The python-cryptography packages contain a Python Cryptographic Authority's PyCA's cryptography library, which provides cryptographic primitives and recipes to Python developers. Security Fixes: python-cryptography: NULL-dereference when loading PKCS7 certificates CVE-2023-49083 For more details...

7.5CVSS6.2AI score0.00985EPSS
Exploits1References4
OSV
OSV
added 2024/05/22 12:0 a.m.26 views

ALSA-2024:3105 Moderate: python3.11-cryptography security update

The python-cryptography packages contain a Python Cryptographic Authority's PyCA's cryptography library, which provides cryptographic primitives and recipes to Python developers. Security Fixes: python-cryptography: NULL-dereference when loading PKCS7 certificates CVE-2023-49083 For more details...

7.5CVSS6.9AI score0.00985EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/05/22 12:0 a.m.18 views

CentOS 8 : python3.11-cryptography (CESA-2024:3105)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2024:3105 advisory. - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling loadpempkcs7certificates or...

7.5CVSS6.3AI score0.00985EPSS
Exploits1References2
AlmaLinux
AlmaLinux
added 2024/04/30 12:0 a.m.40 views

Moderate: python3.11-cryptography security update

The python-cryptography packages contain a Python Cryptographic Authority's PyCA's cryptography library, which provides cryptographic primitives and recipes to Python developers. Security Fixes: python-cryptography: NULL-dereference when loading PKCS7 certificates CVE-2023-49083 For more details...

7.5CVSS6.5AI score0.00985EPSS
Exploits1References4
OSV
OSV
added 2024/04/30 12:0 a.m.26 views

ALSA-2024:2337 Moderate: python3.11-cryptography security update

The python-cryptography packages contain a Python Cryptographic Authority's PyCA's cryptography library, which provides cryptographic primitives and recipes to Python developers. Security Fixes: python-cryptography: NULL-dereference when loading PKCS7 certificates CVE-2023-49083 For more details...

7.5CVSS6.9AI score0.00985EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.19 views

Fedora 39 : python-cryptography (2023-51706f88e3)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-51706f88e3 advisory. Automatic update for python-cryptography-37.0.2-8.fc39. Changelog Wed Feb 22 2023 Christian Heimes - 37.0.2-8 - Fix CVE-2023-23931: Don't allow updateinto to...

6.5CVSS6.7AI score0.01301EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/03/21 12:0 a.m.19 views

Oracle Linux 7 : python-cryptography (ELSA-2024-12234)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-12234 advisory. 3.2.1-1.0.1 - Fix CVE-2023-49083: NULL-dereference when loading PKCS7 certificates Orabug: 36143838 Tenable has extracted the preceding description block...

7.5CVSS6.4AI score0.00985EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2024/03/15 6:15 p.m.88 views

CVE-2024-2193

A Speculative Race Condition SRC vulnerability that impacts modern CPU architectures supporting speculative execution related to Spectre V1 has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the...

5.7CVSS6.6AI score0.01231EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2024/03/13 8:7 a.m.181 views

CVE-2024-2193

A new cache speculation vulnerability, known as Spectre-SRC Speculative Race Conditions, was found in hw. Spectre-SRC is similar to the Spectre v1 and allows speculative use-after-free. The difference between this issue and Spectre V1 is that this issue is based on synchronization primitives with...

5.5CVSS6.8AI score0.01231EPSS
Exploits0References4
Xen Project
Xen Project
added 2024/03/12 5:6 p.m.73 views

GhostRace: Speculative Race Conditions

ISSUE DESCRIPTION Researchers at VU Amsterdam and IBM Research have discovered GhostRace; an analysis of the behaviour of synchronisation primitives under speculative execution. Synchronisation primitives are typically formed as an unbounded loop which waits until a resource is available to be...

5.7CVSS7AI score0.01231EPSS
Exploits0
Fedora
Fedora
added 2024/03/07 10:33 p.m.23 views

[SECURITY] Fedora 40 Update: frysk-0.4-94.fc40

Frysk is an execution-analysis technology implemented using native Java and C++. It is aimed at providing developers and sysadmins with the ability to both examine and analyze running multi-host, multi-process, multi-threaded systems. Frysk allows the monitoring of running processes and threads, ...

8.8CVSS6.8AI score0.02578EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2024/03/05 12:0 a.m.44 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : python-cryptography vulnerabilities (USN-6673-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6673-1 advisory. Hubert Kario discovered that python-cryptography incorrectly handled errors returned by the OpenSSL API when processing...

7.5CVSS6.5AI score0.01118EPSS
Exploits0References3
Prion
Prion
added 2024/03/04 6:15 p.m.12 views

Race condition

In the Linux kernel, the following vulnerability has been resolved: hamradio: defer ax25 kfree after unregisternetdev There is a possible race condition use-after-free like below USE | FREE ax25sendmsg | ax25queuexmit | devqueuexmit | devqueuexmit | devxmitskb | schdirectxmit | ... xmitone |...

7.5AI score
Exploits0References8
Prion
Prion
added 2024/02/21 5:15 p.m.40 views

Null pointer dereference

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if pkcs12.serializekeyandcertificates is called with both a certificate whose public key did not match the provided private key and an...

5CVSS7.2AI score0.00831EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2024/02/21 4:28 p.m.51 views

CVE-2024-26130

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if pkcs12.serializekeyandcertificates is called with both a certificate whose public key did not match the provided private key and an...

7.5CVSS5.9AI score0.00831EPSS
Exploits0
Fedora
Fedora
added 2024/02/17 12:57 a.m.20 views

[SECURITY] Fedora 39 Update: python-cryptography-41.0.7-1.fc39

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers...

7.5CVSS6.9AI score0.00985EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/01/18 12:0 a.m.27 views

Oracle Linux 8 / 9 : python-cryptography (ELSA-2024-12079)

The remote Oracle Linux 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-12079 advisory. - Fix CVE-2023-49083: NULL-dereference when loading PKCS7 certificates Orabug: 36119159 - Fix CVE-2023-23931: Don't allow updateinto to mutate immutable...

7.5CVSS6.5AI score0.01301EPSS
Exploits2References2
Rows per page
Query Builder