CVE-2025-32876

An issue was discovered on COROS PACE 3 devices through 3.0808.0. The BLE implementation of the COROS smartwatch does not support LE Secure Connections and instead enforces BLE Legacy Pairing. In BLE Legacy Pairing, the Short-Term Key STK can be easily guessed. This requires knowledge of the...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM BladeCenter Advanced Management Module (CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, and CVE-2015-0206)

Summary OpenSSL vulnerabilities were disclosed on January 8, 2015 by the OpenSSL Project. This includes "FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability. OpenSSL is used by IBM BladeCenter Advanced Management Module AMM. AMMhas addressed the applicable CVEs...

Bouncy Castle BC 资源管理错误漏洞

Bouncy Castle BC is a cryptographic library for C and Java applications organized by Bouncy Castle. A code issue vulnerability exists in Bouncy Castle BC-FJA versions prior to 1.0.2.4, which stems from a temporary key used by the BC-FJA FIPS module that may be zeroed out while the module is still...

OpenSSL Multiple Vulnerabilities (20150108 - 1) - Linux

OpenSSL is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2017-17435

An issue was discovered in the software on Vaultek Gun Safe VT20i products, aka BlueSteal. An attacker can remotely unlock any safe in this product line without a valid PIN code. Even though the phone application requires it and there is a field to supply the PIN code in an authorization request,...

CVE-2017-17435

An issue was discovered in the software on Vaultek Gun Safe VT20i products, aka BlueSteal. An attacker can remotely unlock any safe in this product line without a valid PIN code. Even though the phone application requires it and there is a field to supply the PIN code in an authorization request,...

SSL/TLS: RSA Temporary Key Handling 'RSA_EXPORT' Downgrade Issue (FREAK)

This host is accepting SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.805142";...

Mandriva Linux Security Advisory : openssl (MDVSA-2015:019)

Multiple vulnerabilities has been discovered and corrected in openssl : A carefully crafted DTLS message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference. This could lead to a Denial Of Service attack CVE-2014-3571. A memory leak can occur in the dtls1bufferrecord...

Updated openssl packages fix security vulnerabilities

A carefully crafted DTLS message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference. This could lead to a Denial Of Service attack CVE-2014-3571. A memory leak can occur in the dtls1bufferrecord function under certain conditions. In particular this could occur if an...

QQ2011会话密钥泄露漏洞

腾讯QQ是在中国非常广泛使用的即时聊天工具。 Windows平台上QQ的客户端（包括QQ2010/2011等版本）在实现上存在安全漏洞，在生成会话密钥相关的临时密钥时使用了不安全的随机密钥生成算法，导致攻击者可以通过监听用户登录得到会话密钥，进而可以添加、修改、查看所有的聊天记录。 Tencent QQ 2011 Tencent QQ 2010 厂商补丁： Tencent ------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://im.qq.com/qq/dlqq.shtml...

CVE-2003-1417

nCipher Support Software 6.00, when using generatekey KeySafe to import keys, does not delete the temporary copies of the key, which may allow local users to gain access to the key by reading the 1 key.pem or 2 key.der files...