LibreOffice 安全特征问题漏洞

LibreOffice is an open source office software suite from The Document Foundation tdf. The product includes applications such as Writer text documents, Calc spreadsheets, and Impress presentations.LibreOffice is vulnerable to an encryption problem that stems from LibreOffice using weak...

Magento 2 Community Edition Cryptographic Flaw

A cryptograhic flaw exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. A weak cryptograhic mechanism is used to generate the intialization vector in multiple security relevant contexts...

CVE-2019-7886

CVE-2019-7886 affects Magento 2.1.x before 2.1.18, 2.2.x before 2.2.9, and 2.3.x before 2.3.2. The issue is a weak cryptographic mechanism used to generate the initialization vector in multiple security contexts, enabling potential cryptographic abuse. RedHat and OSV listings confirm the same des...

The vulnerability of the OpenSSL library, which allows a hacker to bypass the cryptographic security measures

The vulnerability of the ssl3clienthello function in the OpenSSL library is related to insufficient guarantees for the correct initialization of the pseudorandom number generator before the handshake process. Exploiting this vulnerability allows a malicious actor to bypass cryptographic security...

Unauthenticated crypto and weak IV in Magento\Framework\Encryption

More info at http://www.openwall.com/lists/oss-security/2016/07/19/3...