24 matches found
EUVD-2020-27067
Malware in sbrugna...
EUVD-2024-17975
Malicious code in bioql PyPI...
CVE-2024-20260
A vulnerability in the VPN and management web servers of the Cisco Adaptive Security Virtual Appliance ASAv and Cisco Secure Firewall Threat Defense Virtual FTDv, formerly Cisco Firepower Threat Defense Virtual, platforms could allow an unauthenticated, remote attacker to cause the virtual device...
Design/Logic Flaw
This issue was addressed with using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.9.10 for Android. A user in a privileged network position may intercept SSL/TLS connections...
Security Bulletin: GSKit certificate chain vulnerability in IBM Security Directory Server and Tivoli Directory Server (CVE-2013-6747)
Abstract A vulnerability has been identified in the GSKit component utilized by IBM Security Directory Server ISDS and IBM Tivoli Directory Server TDS. A malformed certificate chain can cause the ISDS or TDS client application or server process using GSKit to hang or crash. Remediation for the...
Security Bulletin: Multiple vulnerabilities in the IBM® Runtime Environments, Java™ Technology Edition, Version 6 affects the IBM InfoSphere Optim Data Masking Solution.
Summary There are multiple vulnerabilities in the IBM Runtime Environments, Java Technology Edition, Version 6 CVE-2015-0488, CVE-2015-2808,CVE-2015-0410, CVE-2015-1916,CVE-2015-0204 that affect the IBM InfoSphere Optim Data Masking Solution. These issues were disclosed as part of the IBM Java SD...
Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affects multiple IBM Rational products based on IBM Jazz technology (CVE-2015-0488, CVE-2015-0478, CVE-2015-2808, CVE-2015-1916, CVE-2015-0204, CVE-2015-2613, CVE-2015-2601, etc.)
Summary There are multiple vulnerabilities in IBM® SDK Java Technology Edition, Version 1.6 that is used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Collaborative Lifecycle Management CLM, Rational Requirements Composer RRC, Rational DOORS Next...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Sterling Secure Proxy and Sterling External Authentication Server (CVE-2015-0488, CVE-2015-1916, CVE-2015-2808, CVE-2015-0478, CVE-2015-0204)
Summary There are multiple vulnerabilities in IBM Runtime Environment Java Technology Edition, Version 1.7.0 that is used by Sterling Secure Proxy and Sterling External Authentication Server. These issues were disclosed as part of the IBM Java SDK updates in April 2015. Vulnerability Details CVEI...
CVE-2019-12677
A vulnerability in the Secure Sockets Layer SSL VPN feature of Cisco Adaptive Security Appliance ASA Software could allow an authenticated, remote attacker to cause a denial of service DoS condition that prevents the creation of new SSL/Transport Layer Security TLS connections to an affected...
Security Bulletin: Vulnerabilities in IBM Java SDK affect IBM Storwize V7000 Unified (CVE-2015-0488, CVE-2015-2808, CVE-2015-1916, and CVE-2015-0204)
Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 that is used by IBM Storwize V7000 Unified. These issues were disclosed as part of the IBM Java SDK updates in April 2015. Vulnerability Details CVEID: CVE-2015-0488 DESCRIPTION: An unspecified...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect the Enterprise Common Collector component of the IBM Tivoli zEnterprise Monitoring Agent (CVE-2015-0488, CVE-2015-0478, CVE-2015-1916)
Summary There are multiple vulnerabilities in IBM Runtime Environment Java Technology Edition, Version 6 that is used by the Enterprise Common Collector a component of IBM Tivoli zEnterprise Monitoring Agent, a component of IBM Tivoli Monitoring. These issues were disclosed as part of the IBM Jav...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect FileNet Content Manager, IBM Content Foundation and FileNet BPM (CVE-2015-0488, CVE-2015-0478, CVE-2015-1916)
Summary There are multiple vulnerabilities in the IBM Runtime Environment Java Technology Edition used by FileNet Content Manager, IBM Content Foundation and FileNet Business Process Manager. These issues are addressed in Version 1.6.0 SR16 FP4 which is part of the IBM Java SDK April 2015 update...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Rational Software Architect , Rational Software Architect for Websphere software and Rational Software Architect Real Time (CVE-2015-4000, CVE-2015-0488, CVE-2015-0478, CVE-2015-02
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 6 and 7 that are used by IBM Rational Software Architect , Rational Software Architect for Websphere software and Rational Software Architect Real Time. These issues were disclosed as part of...
Security Bulletin: IBM QRadar SIEM can be affected by Multiple Vulnerabilities in the IBM Java Runtime Environment. (CVE-2015-0478, CVE-2015-0488, CVE-2015-1916, CVE-2015-2613, CVE-2015-2601, CVE-2015-4749, CVE-2015-2625, CVE-2015-1931)
Summary Several previously released versions of IBM QRadar SIEM, and IBM QRadar Incident Forensics are affected by multiple vulnerabilities reported in the IBM SDK Java Technology Edition Version 6 and 7. Vulnerability Details CVE-ID: CVE-2015-0478 Description: An unspecified vulnerability in...
PostgreSQL 9.2.x < 9.2.21 / 9.3.x < 9.3.17 / 9.4.x < 9.4.12 / 9.5.x < 9.5.7 / 9.6.x < 9.6.3 Multiple Vulnerabilities
Binary data 700120.prm...
SA119 : Multiple NSS Vulnerabilities
SUMMARY Blue Coat products that include affected versions of NSS are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to trigger arbitrary code execution. The attacker can also cause denial of service through application crashes and memory corruption...
Security update for the MozillaFirefox, mozilla-nss and mozilla-nspr (important)
This update to MozillaFirefox fixes several security issues and bugs. Mozilla Firefox was updated to 44.0. Mozilla NSS was updated to 3.21 Mozilla NSPR was updated to 4.11. The following vulnerabilities were fixed: CVE-2016-1930/CVE-2016-1931: Miscellaneous memory safety hazards boo963633...
APPLE-SA-2015-09-21-1 watchOS 2
APPLE-SA-2015-09-21-1 watchOS 2 watchOS 2 is now available and addresses the following: Apple Pay Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: Some cards may allow a terminal to retrieve limited recent transaction information when making a payment Description: Th...
SSL/TLS Diffie-Hellman Modulus <= 1024 Bits (Logjam)
The remote host allows SSL/TLS connections with one or more Diffie-Hellman moduli less than or equal to 1024 bits. Through cryptanalysis, a third party may be able to find the shared secret in a short amount of time depending on modulus size and attacker resources. This may allow an attacker to...
Debian and Ubuntu OpenSSL packages contain a predictable random number generator
Overview A vulnerability in the OpenSSL package included with the Debian GNU/Linux operating system and its derivatives may cause weak cryptographic keys to be generated. Description A weakness exists in the random number generator used by the OpenSSL package included with the Debian GNU/Linux...