226 matches found
Camera 3 6 0 applications privacy data breach analysis-vulnerability warning-the black bar safety net
A lot of popular Android apps leak privacy data. We found another popular Google Play app,“Camera 3 6 0 Ultimate”,not only for the user's photos are optimized, but also inadvertently leaked the private data that can allow a malicious user is not authenticated access to the user Camera 3 6 0 cloud...
CentOS 5 : openssl (CESA-2015:1197) (Logjam)
Updated openssl packages that fix three security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available fo...
SSL/TLS: "Invariance Weakness" vulnerability in RC4 stream cipher
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...
Debian: Security Advisory (DSA-3253-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: openssl security update
Updated openssl packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available...
CVE-2015-2808
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...
Design/Logic Flaw
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...
CVE-2015-2808
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...
CVE-2015-2808
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...
CVE-2015-2808
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...
Mandriva Linux Security Advisory : openssl (MDVSA-2015:062)
Multiple vulnerabilities has been discovered and corrected in openssl : Race condition in the ssl3readbytes function in s3pkt.c in OpenSSL through 1.0.1g, when SSLMODERELEASEBUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service use-after-free and...
openssl security update
CentOS Errata and Security Advisory CESA-2015:0716 Updated openssl packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS ba...
java security update
CentOS Errata and Security Advisory CESA-2015:0085 Updated java-1.6.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring...
CentOS Update for java CESA-2015:0068 centos5
Check the version of java SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882094";...
Oracle Solaris Third-Party Patch Update : fetchmail (multiple_vulnerabilities_in_fetchmail) (BEAST)
The remote Solaris system is missing necessary patches to address security updates : - The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained...
Oracle Solaris Third-Party Patch Update : openssl (multiple_vulnerabilities_in_openssl6) (POODLE)
The remote Solaris system is missing necessary patches to address security updates : - Memory leak in d1srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service memory consumption via a crafted handshake message. CVE-2014-3513 - The SSL...
Oracle Solaris Third-Party Patch Update : python (multiple_vulnerabilities_in_python) (BEAST)
The remote Solaris system is missing necessary patches to address security updates : - The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained...
Microsoft Windows Secure Sockets Layer Version 3.0 - Ver2 (CVE-2004-0120)
Secure Socket Layer SSL is a cryptographic protocol that provides security and data integrity for communications over TCP/IP networks. The protocol is considered obsolete and insecure. This protection can detect and prevent connections attempting to use this protocol. In particular, this protecti...
SuSE 11.3 Security Update : IBM Java (SAT Patch Number 9992)
java-160-ibm has been updated to version 1.6.0sr16.2 to fix 18 security issues. These security issues has been fixed : - Unspecified vulnerability in Oracle Java SE 6u81. CVE-2014-3065 - The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding,...
SUSE-SU-2015:0343-2 Security update for IBM Java
java-160-ibm has been updated to version 1.6.0sr16.2 to fix 18 security issues. These security issues have been fixed: Unspecified vulnerability in Oracle Java SE 6u81 CVE-2014-3065. The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, whi...