Lucene search
+L

9 matches found

OSV
OSV
added 2025/03/05 10:18 p.m.9 views

GHSA-HW43-FCMM-3M5G Emissary May Use a Broken or Risky Cryptographic Algorithm

Summary The ChecksumCalculator class within allows for hashing and checksum generation, but it includes or defaults to algorithms that are no longer recommended for secure cryptographic use cases e.g., SHA-1, CRC32, and SSDEEP. These algorithms, while possibly valid for certain...

7.5CVSS7.3AI score0.00194EPSS
Exploits0References5
Qualys Blog
Qualys Blog
added 2017/05/09 6:6 p.m.252 views

Microsoft Fixes Malware Protection Engine and Several 0-Day Vulnerabilities, and Deprecates SHA-1

Hours before today’s Patch Tuesday release on the eve of May 8, Microsoft released an emergency updated to fix a vulnerability in their Malware Protection Engine. This critical vulnerability allows an attacker to take complete control of the victim's machine by just sending an e-mail attachment...

9.3CVSS2.2AI score0.7813EPSS
Exploits5
Microsoft KB
Microsoft KB
added 2017/05/09 7:0 a.m.87 views

May 9, 2017—KB4019213 (Security-only update)

None None...

9.3CVSS6.8AI score0.84138EPSS
Exploits20
ThreatPost
ThreatPost
added 2017/03/08 12:36 p.m.14 views

Firefox 52 Expands Non-Secure HTTP Warnings, Enables SHA-1 Deprecation

Mozilla fixed 28 vulnerabilities, including some that could result in a crash and the bypass of ASLR and DEP, when it released Firefox 52 on Tuesday. Seven of the vulnerabilities are considered critical, according to an advisory posted by the Mozilla Foundation. One of those vulnerabilities would...

0.1AI score
Exploits0References6
ThreatPost
ThreatPost
added 2017/01/26 9:0 a.m.13 views

Four High-Severity Chrome Vulnerabilities Earn Researcher $32K in Rewards

For the second time in less than a year, researcher Mariusz Mlynski has earned more than $30,000 through Google’s Chrome Rewards program. Google on Wednesday released Chrome 56.0.02924.76 for Windows, Mac and Linux platforms, and Mlynski was credited with finding and disclosing four high-severity...

7.8AI score
Exploits0References5
ThreatPost
ThreatPost
added 2017/01/17 11:0 a.m.8 views

SHA-1 End Times Have Arrived

For the past couple of years, browser makers have raced to migrate from SHA-1 to SHA-2 as researchers have intensified warnings about collision attacks moving from theoretical to practical. In just weeks, a transition deadline set by Google, Mozilla and Microsoft for the deprecation of SHA-1 is u...

6.7AI score
Exploits0References12
ThreatPost
ThreatPost
added 2016/11/17 3:39 p.m.17 views

Google Removing SHA-1 Support in Chrome 56

The home stretch for SHA-1 deprecation is in full effect with Google on Wednesday announcing its final deprecation deadlines for the Chrome browser, and a cryptographic services provider warning that there’s still a long way to go to get sites off SHA-1 certificates. Google said it will remove it...

0.1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2016/05/03 9:43 a.m.17 views

Microsoft's SHA-1 Deprecation Begins with Windows 10 Anniversary Update

The home stretch of Microsoft’s planned SHA-1 deprecation schedule has arrived. This summer, with the planned release of the Windows 10 Anniversary Update, users should see signs that the weak cryptographic hash function is being phased out. Microsoft said that once the anniversary update is roll...

0.9AI score
Exploits0References8
ThreatPost
ThreatPost
added 2015/11/06 1:10 p.m.9 views

Microsoft Considers Earlier SHA-1 Deprecation Deadline

Tech companies continue to back away from SHA-1 like it’s an infectious disease. Microsoft, which already had plans to deprecate the crusty cryptographic algorithm by the start of 2017, decided this week to move up that deadline six months. The company said it’s considering whether it will start...

0.6AI score
Exploits0References6
Rows per page
Query Builder