CVE-2019-7477

A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain sensitive plaintext data when CBC cipher suites are enabled. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0...

EUVD-2019-17019

Malware in sbrugna...

EUVD-2015-7722

Malware in sbrugna...

EUVD-2018-21453

Malware in sbrugna...

openSUSE 15 Security Update : Botan (openSUSE-SU-2024:0201-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0201-1 advisory. Update to 2.19.5: Fix multiple Denial of service attacks due to X.509 cert processing: CVE-2024-34702 - boo1227238 CVE-2024-34703 - boo1227607...

OPENSUSE-SU-2024:0201-1 Security update for Botan

This update for Botan fixes the following issues: Update to 2.19.5: Fix multiple Denial of service attacks due to X.509 cert processing: CVE-2024-34702 - boo1227238 CVE-2024-34703 - boo1227607 CVE-2024-39312 - boo1227608 Fix a crash in OCB Fix a test failure in compression with certain versions o...

K15882: TLS1.x padding vulnerability CVE-2014-8730

Security Advisory Description Incorrect TLS padding may be accepted when terminating TLS 1.x CBC cipher connections. CVE-2014-8730 Impact Attackers may be able to calculate the plaintext of secure connections. Security Advisory Status F5 Product Development has assigned IDs 451218, 450804, and...

SonicOS & SonicOSv CBC Cipher TLS Padding Vulnerability

A vulnerability in SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain sensitive plaintext data when CBC cipher suites are enabled. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8,...

gnutls security, bug fix, and enhancement update

3.3.29-8.0.1 - Include ECDSA KAT into selftests for FIPS140-2 compliance Orabug 27484156 3.3.29-8 - Backported --sni-hostname option which allows overriding the hostname advertised to the peer 1444792 - Improved counter-measures in TLS CBC record padding for lucky13 attack CVE-2018-10844, 1589704...

Security Bulletin: IBM Tivoli Network Manager - GSKit Security Vulnerabilities (CVE-2013-0169), (CVE-2012-2190) and (CVE-2013-0166)

Summary OpenSSL Security Advisory updates Feb 2013: GSKit Lucky 13 TLS CBC Timing Attack - CVE-2013-0169. A vulnerability in relation to Session ID Lengths and SSL/TLS Server has been discovered that impacts GSKit - CVE-2012-2190. OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1...

CVE-2018-9860

An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when processing malformed TLS-CBC ciphertext could cause the receiving side to include in the HMAC computation exactly 64K bytes of data following the record buffer, aka an over-read. The MAC comparison will...

CVE-2018-9860

An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when processing malformed TLS-CBC ciphertext could cause the receiving side to include in the HMAC computation exactly 64K bytes of data following the record buffer, aka an over-read. The MAC comparison will...

CVE-2018-9860

An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when processing malformed TLS-CBC ciphertext could cause the receiving side to include in the HMAC computation exactly 64K bytes of data following the record buffer, aka an over-read. The MAC comparison will...

Design/Logic Flaw

An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when processing malformed TLS-CBC ciphertext could cause the receiving side to include in the HMAC computation exactly 64K bytes of data following the record buffer, aka an over-read. The MAC comparison will...

CVE-2018-9860

An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when processing malformed TLS-CBC ciphertext could cause the receiving side to include in the HMAC computation exactly 64K bytes of data following the record buffer, aka an over-read. The MAC comparison will...

CVE-2018-9860

An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when processing malformed TLS-CBC ciphertext could cause the receiving side to include in the HMAC computation exactly 64K bytes of data following the record buffer, aka an over-read. The MAC comparison will...

CVE-2018-9860

An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when processing malformed TLS-CBC ciphertext could cause the receiving side to include in the HMAC computation exactly 64K bytes of data following the record buffer, aka an over-read. The MAC comparison will...

Oracle: Security Advisory (ELSA-2013-0588)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OracleVM 3.3 : gnutls (OVMSA-2015-0101)

The remote OracleVM system is missing necessary patches to address critical security updates : - fix CVE-2015-0282 1198159 - fix CVE-2015-0294 1198159 - Corrected value initialization in mpi printing 1129241 - Check for expiry information in the CA certificates 1159778 - fix issue with integer...

Cisco ASA TLS CBC Information Disclosure (CSCus08101)

According to its banner, the version of Cisco ASA software on the remote device is affected by an information disclosure vulnerability due to improper block cipher padding by TLSv1 when using Cipher Block Chaining CBC mode. A remote attacker, via an 'Oracle Padding' side channel attack, can explo...