77 matches found
EUVD-2007-1852
Malware in sbrugna...
EUVD-2009-5074
Malware in sbrugna...
EUVD-2011-2981
Malware in sbrugna...
EUVD-2014-5998
Malware in sbrugna...
EUVD-2012-4530
Malware in sbrugna...
EUVD-2013-2956
Malware in sbrugna...
EUVD-2024-26943
Malicious code in bioql PyPI...
CVE-2009-5119
The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 enables weak SSL ciphers in conf/server.xml, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and then conducting a brute-force attack...
CVE-2024-29969
When a Brocade SANnav installation is upgraded from Brocade SANnav v2.2.2 to Brocade SANnav 2.3.0, TLS/SSL weak message authentication code ciphers are added by default for port 18082...
K15404: OpenSSL vulnerability CVE-2009-3245
Security Advisory Description OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors. CVE-2009-3245...
RUSTSEC-2022-0026 Incorrect MAC key used in the RC4-MD5 ciphersuite
The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacker could exploit this issue by performing a man-in-the-middle attack to modify data being sent from one endpoint to an OpenSSL 3.0 recipie...
openGauss: Configuring the SSL Encryption Algorithm
ssl_ciphers specifies the SSL encryption algorithms used for secure connections. openGauss supports the following algorithms: - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-AES128-GCM-SHA256 - DHE-DSS-AES256-GCM-SHA384 - DHE-DSS-AES128-GCM-SHA256 - DHE-RSA-AES256-SHA256 - DHE-RSA-AES128-SHA256 -...
PT-2019-6954 · None · Perdition
Name of the Vulnerable Software and Affected Versions: Perdition versions prior to 2.2 Description: The issue is related to weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server. Specifically, ssl_outgoing_ciphers is not being applied to STARTTLS...
Security Bulletin: The default configuration of the web server used by IBM Netezza Performance Portal uses weak SSL ciphers (CVE-2014-0848)
Summary The default configuration of the Apache web server used by IBM Netezza Performance Portal uses weak SSL ciphers. Vulnerability Details CVE ID: CVE-2014-0848 CVSS Base Score: 3.5 CVSS Temporal Score: See for the current score CVSS Environmental Score: Undefined: CVSS Vector:...
Detecting bots using Content Security Policy (CSP) headers
Bots are noisy, like really. And dangerous as well, especially if they can do crawling and increase usage through legitimate operations like item catalog retrieval in the case of e-commerce. I mean, we have a lot of reasons not to like bots and to count this problem as a cybersecurity threat, which...
Design/Logic Flaw
IBM Tivoli Application Dependency Discovery Manager TADDM before 7.2.1.5 and 7.2.x before 7.2.2 make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging support for weak SSL ciphers. IBM X-Force ID: 84353...
CVE-2013-3017
IBM Tivoli Application Dependency Discovery Manager TADDM before 7.2.1.5 and 7.2.x before 7.2.2 make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging support for weak SSL ciphers. IBM X-Force ID: 84353...
CVE-2013-3017
IBM Tivoli Application Dependency Discovery Manager (TADDM) is affected in versions before 7.2.1.5 and 7.2.x before 7.2.2. The issue arises from support for weak SSL ciphers, which could allow remote attackers to defeat cryptographic protection mechanisms. The provided documents identify the affe...
Security Bulletin: Multiple Vulnerabilities fixed in IBM Security Identity Manager Virtual Appliance (CVE-2014-6106, CVE-2014-6108, CVE-2014-6109, CVE-2014-6111, CVE-2014-6112)
Summary Multiple Vulnerabilities fixed in IBM Security Identity Manager versions 5.1, 6.0, and 7.0 Vulnerability Details CVE-ID: CVE-2014-6106 Description: IBM Security Identity Manager is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuadin...