60 matches found
EUVD-2014-3246
Malware in sbrugna...
EUVD-2021-19490
Malware in sbrugna...
EUVD-2013-2802
Malware in sbrugna...
EUVD-2007-2696
Malware in sbrugna...
[SECURITY] Fedora 41 Update: socat-1.8.0.3-1.fc41
Socat is a relay for bidirectional data transfer between two independent data channels. Each of these data channels may be a file, pipe, device serial line etc. or a pseudo terminal, a socket UNIX, IP4, IP6 - raw, UDP, TCP, an SSL socket, proxy CONNECT connection, a file descriptor stdin etc., th...
Linux Distros Unpatched Vulnerability : CVE-2014-3230
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The libwww-perl LWP::Protocol::https module 6.04 through 6.06 for Perl, when using IO::Socket::SSL as the SSL socket class, allows attackers to disable server...
Amazon Linux 2023 : bouncycastle, bouncycastle-javadoc, bouncycastle-mail (ALAS2023-2024-636)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-636 advisory. An issue was discovered in Bouncy Castle Java Cryptography APIs before ... NOTE: https://github.com/bcgit/bc-java/issues/1635NOTE: https://www.bouncycastle.org/latestreleases.htmlDEBIANBUG:...
SUSE CVE-2024-34447
An issue was discovered in the Bouncy Castle Crypto Package For Java before BC TLS Java 1.0.19 ships with BC Java 1.78, BC Java LTS 2.73.6 and before BC FIPS TLS Java 1.0.19. When endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname as happens...
CVE-2024-34447
An issue was discovered in the Bouncy Castle Crypto Package For Java before BC TLS Java 1.0.19 ships with BC Java 1.78, BC Java LTS 2.73.6 and before BC FIPS TLS Java 1.0.19. When endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname as happens...
CVE-2024-34447
An issue was discovered in the Bouncy Castle Crypto Package For Java before BC TLS Java 1.0.19 ships with BC Java 1.78, BC Java LTS 2.73.6 and before BC FIPS TLS Java 1.0.19. When endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname as happens...
CVE-2024-34447
An issue was discovered in the Bouncy Castle Crypto Package For Java before BC TLS Java 1.0.19 ships with BC Java 1.78, BC Java LTS 2.73.6 and before BC FIPS TLS Java 1.0.19. When endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname as happens...
CVE-2024-34447
An issue was discovered in the Bouncy Castle Crypto Package For Java before BC TLS Java 1.0.19 ships with BC Java 1.78, BC Java LTS 2.73.6 and before BC FIPS TLS Java 1.0.19. When endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname as happens...
CVE-2024-34447
An issue was discovered in the Bouncy Castle Crypto Package For Java before BC TLS Java 1.0.19 ships with BC Java 1.78, BC Java LTS 2.73.6 and before BC FIPS TLS Java 1.0.19. When endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname as happens...
CVE-2024-34447
CVE-2024-34447 is tied to the Bouncy Castle Crypto Package for Java. IBM’s security bulletin details an issue where, when endpoint identification is enabled in BCJSSE and an SSL socket is created without an explicit hostname (as with HttpsURLConnection), hostname verification could be performed a...
python: TLS handshake bypass
Python ssl.SSLSocket is vulnerable to a bypass of the TLS handshake in certain instances for HTTPS servers and other server-side protocols that use TLS client authentication such as mTLS. This issue may result in a breach of integrity as its possible to modify or delete resources that are...
python: TLS handshake bypass
Python ssl.SSLSocket is vulnerable to a bypass of the TLS handshake in certain instances for HTTPS servers and other server-side protocols that use TLS client authentication such as mTLS. This issue may result in a breach of integrity as its possible to modify or delete resources that are...
SUSE CVE-2014-0625
The SSLSocket implementation in the 1 JSAFE and 2 JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to cause a denial of service memory consumption by triggering application-data processing during the TLS handshake, a time at which the data is internal...
SUSE CVE-2015-3230
389 Directory Server formerly Fedora Directory Server before 1.3.3.12 does not enforce the nsSSL3Ciphers preference when creating an sslSocket, which allows remote attackers to have unspecified impact by requesting to use a disabled cipher...
GLSA-202210-37 : PJSIP: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202210-37 PJSIP: Multiple Vulnerabilities - PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before...
Updated pjproject packages fix security vulnerability
Updated pjproject packages fix security vulnerability: In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback and destroy, due to the accepted socket having no group lock. Second, the SSL socket parent/ listener may get...