18 matches found
EUVD-2023-54390
Malicious code in bioql PyPI...
CBL Mariner 2.0 Security Update: opensc (CVE-2023-4535)
The version of opensc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-4535 advisory. - An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling...
CVE-2023-4535
An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to...
AZL-31945 CVE-2023-4535 affecting package opensc for versions less than 0.23.0-2
An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to...
CVE-2023-4535
An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to...
Cross site scripting
An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to...
CVE-2023-4535 Opensc: out-of-bounds read in myeid driver handling encryption using symmetric keys
An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to...
CVE-2023-4535
An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to...
CVE-2023-4535
CVE-2023-4535 affects OpenSC, specifically the MyEID driver’s handling of symmetric key encryption. The vulnerability is an out-of-bounds read in the OpenSC MyEID driver, which can be exploited by a physically proximate attacker using a crafted USB device or smart card to manipulate APDU response...
Recommended update for dkgpg, libTMCG (moderate)
openSUSE Security Update: Recommended update for dkgpg, libTMCG Announcement ID: openSUSE-SU-2019:1951-1 Rating: moderate References: Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 An update that contains security fixes can now be installed. Description: This update for dkgpg, libTMCG...
July 24, 2018—KB4338827 (OS Build 15063.1235)
July 24, 2018—KB4338827 OS Build 15063.1235 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses additional issues with updated time zone information. Changes the music metadata servi...
[SECURITY] Fedora 28 Update: gnupg-1.4.23-1.fc28
GnuPG GNU Privacy Guard is a GNU utility for encrypting data and creating digital signatures. GnuPG has advanced key management capabilities and is compliant with the proposed OpenPGP Internet standard described in RFC2440. Since GnuPG doesn't use any patented algorithm, it is not compatible with...
MGASA-2016-0038 Updated chrony packages fix security vulnerability
In chrony before 1.31.2, when used with symmetric key encryption, the client would accept packets encrypted with keys for any configured server, allowing a server to impersonate other servers to clients, thus performing a man-in-the-middle attack CVE-2016-1567...
Updated chrony packages fix security vulnerability
In chrony before 1.31.2, when used with symmetric key encryption, the client would accept packets encrypted with keys for any configured server, allowing a server to impersonate other servers to clients, thus performing a man-in-the-middle attack CVE-2016-1567...
[SECURITY] Fedora 19 Update: gnupg-1.4.15-1.fc19
GnuPG GNU Privacy Guard is a GNU utility for encrypting data and creating digital signatures. GnuPG has advanced key management capabilities and is compliant with the proposed OpenPGP Internet standard described in RFC2440. Since GnuPG doesn't use any patented algorithm, it is not compatible with...
[SECURITY] Fedora 20 Update: gnupg-1.4.15-1.fc20
GnuPG GNU Privacy Guard is a GNU utility for encrypting data and creating digital signatures. GnuPG has advanced key management capabilities and is compliant with the proposed OpenPGP Internet standard described in RFC2440. Since GnuPG doesn't use any patented algorithm, it is not compatible with...
Fedora Update for gnupg FEDORA-2007-316
Check for the Version of gnupg OpenVAS Vulnerability Test Fedora Update for gnupg FEDORA-2007-316 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
[SECURITY] Fedora Core 5 Update: gnupg-1.4.7-1
GnuPG GNU Privacy Guard is a GNU utility for encrypting data and creating digital signatures. GnuPG has advanced key management capabilities and is compliant with the proposed OpenPGP Internet standard described in RFC2440. Since GnuPG doesn't use any patented algorithm, it is not compatible with...