EUVD-2018-18216

Malware in sbrugna...

EUVD-2020-0507

Malware in sbrugna...

EUVD-2021-28980

Malicious code in bioql PyPI...

Siemens SIMATIC NET CP, SINEMA & SCALANCE Integer Overflow (CVE-2021-41990)

Siemens SIMATIC NET CP, SINEMA and SCALANCE Products Affected by Vulnerabilities in Third-Party Component strongSwan. The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated...

RLSA-2023:1368 Important: nss security and bug fix update

Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fixes: nss: Arbitrary memory write via PKCS 12 CVE-2023-0767 Bug Fixes: In FIPS mode, nss should reject RSASSA-PSS salt lengths large...

Important: Red Hat Security Advisory: nss security and bug fix update

An update for nss is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

Important: Red Hat Security Advisory: nss security and bug fix update

An update for nss is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

ALSA-2023:1368 Important: nss security and bug fix update

Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fixes: nss: Arbitrary memory write via PKCS 12 CVE-2023-0767 Bug Fixes: In FIPS mode, nss should reject RSASSA-PSS salt lengths large...

Important: nss security and bug fix update

Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fixes: nss: Arbitrary memory write via PKCS 12 CVE-2023-0767 Bug Fixes: In FIPS mode, nss should reject RSASSA-PSS salt lengths large...

Moderate: Red Hat Security Advisory: gnutls security and bug fix update

An update for gnutls is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Moderate: Red Hat Security Advisory: gnutls security and bug fix update

An update for gnutls is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

ALSA-2023:0946 Moderate: openssl security and bug fix update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: read buffer overflow in X.509 certificate verification CVE-2022-4203 openssl: timing attack in RS...

Moderate: openssl security and bug fix update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: read buffer overflow in X.509 certificate verification CVE-2022-4203 openssl: timing attack in RS...

openSUSE 15 Security Update : strongswan (openSUSE-SU-2021:3467-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3467-1 advisory. - The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For...

SUSE SLED15 / SLES15 Security Update : strongswan (SUSE-SU-2021:3467-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3467-1 advisory. - The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For...

CVE-2021-41990

The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur...

USN-5111-1: strongSwan vulnerabilities

It was discovered that strongSwan incorrectly handled certain RSASSA-PSS signatures. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service. CVE-2021-41990 It was discovered that strongSwan incorrectly handled replacing certificates in the cache. A...

Ubuntu 18.04 LTS / 20.04 LTS : strongSwan vulnerabilities (USN-5111-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5111-1 advisory. It was discovered that strongSwan incorrectly handled certain RSASSA-PSS signatures. A remote attacker could use this issue to cause strongSw...

ALPINE-CVE-2021-41990

The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur...

DEBIAN-CVE-2021-41990

The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur...