29 matches found
EUVD-2017-15229
Malware in sbrugna...
EUVD-2024-46962
Malicious code in bioql PyPI...
Azure Linux 3.0 Security Update: mariadb (CVE-2024-5814)
The version of mariadb installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-5814 advisory. - A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it d...
Proxmox VE Compatibility with Veeam Backup Server OS Server 2012 and 2012 R2
Article Applicability This article is relevant only when the machine where Veeam Backup & Replication is installed uses either Server 2012 or Server 2012 R2. Challenge After adding Proxmox VE (PVE) hosts to Veeam Backup & Replication, the workers are deployed, but the testing phase fails with the...
CVE-2024-5814
A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello...
CVE-2024-5814 Unverified Ciphersuite used on a client-side TLS1.3 Downgrade
A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello...
K02714910: TLS vulnerability CVE-2017-6164
Security Advisory Description In some circumstances, the Traffic Management Microkernel (TMM) does not properly handle certain malformed TLS1.2 records, which allows remote attackers to cause a denial-of-service (DoS) or possible remote command execution on the BIG-IP system. CVE-2017-6164 Impact A...
AHV clusters with AOS versions 5.20.4+ (LTS) or 6.1.1+ (STS) shown as unavailable in Veeam Console
Challenge If the machine where Veeam Backup & Replication is installed is running Windows Server 2012R2 OS or earlier, and the Nutanix AHV Clusters are running AOS versions 5.20.4+ (LTS) or 6.1.1+ (STS), the following may occur: Nutanix Clusters that were previously added to Veeam Backup & Replicatio...
Security Bulletin: Resilient supports TLS1.2 ciphers that are not enabled for Perfect Forward Secrecy (PFS) (CVE-2021-20566)
Summary Resilient supports TLS1.2 ciphers that are not enabled for Perfect Forward Secrecy (PFS). Such ciphers could allow an attacker who has recorded encrypted traffic and later obtains the server's key to decrypt highly sensitive information. Vulnerability Details CVEID: CVE-2021-20566...
SSLv2-Only Open Ports Unsupported
This plugin detects if the remote host has any open ports which only support SSLv2. This protocol has been deprecated since 2011 because of security vulnerabilities and most major SSL libraries such as OpenSSL, NSS, Mbed TLS, and wolfSSL do not provide this functionality in their latest versions...
SSLv2-Only Open Ports
This plugin detects if the remote host has any open ports which only support SSLv2. This protocol has been deprecated since 2011 because of security vulnerabilities and most major SSL libraries such as OpenSSL, NSS, Mbed TLS, and wolfSSL do not provide this functionality in their latest versions...
Security Bulletin: Vulnerability in SSLv3 affects IBM Personal Communications v6.0.x (CVE-2014-3566)
Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. SSLv3 is enabled in IBM Personal Communications v6.0.x Vulnerability Details CVE-ID: CVE-2014-3566 Description: Product could allow a remote attacker to obtain...
Security Bulletin: IBM Systems Director (ISD) is affected by vulnerabilities in OpenSSL (CVE-2013-4353, CVE-2013-6450, and CVE-2013-6449)
Summary: IBM Systems Director contains a version of openssl that contained the 3 vulnerabilities listed above. Vulnerability Details Abstract IBM Systems Director contains a version of openssl that contained the 3 vulnerabilities listed above. Content Vulnerability Details: CVE-ID: CVE-2013-4353...
Command injection
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator and WebSafe software version 13.0.0, 12.0.0 - 12.1.2, 11.6.0 - 11.6.1 and 11.5.0 - 11.5.4, in some circumstances, Traffic Management Microkernel (TMM) does not properly handle certain...
CVE-2017-6164
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator and WebSafe software version 13.0.0, 12.0.0 - 12.1.2, 11.6.0 - 11.6.1 and 11.5.0 - 11.5.4, in some circumstances, Traffic Management Microkernel (TMM) does not properly handle certain...