Download
| Alert*
oval:org.secpod.oval:def:1600886
There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks a ... oval:org.secpod.oval:def:204794 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: bn_sqrx8x_internal carry bug on x86_64 * openssl: Read/write after SSL object in error state * openssl: ... oval:org.secpod.oval:def:2101776 There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. ... oval:org.secpod.oval:def:43521 The host is installed with Oracle VM VirtualBox before 5.1.32 or 5.2.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Core (OpenSSL). Successful exploitation allows attackers to affect Confidentiality. oval:org.secpod.oval:def:89044657 This update for openssl fixes the following issues: Security issues fixed: - CVE-2017-3735: openssl1,openssl: Malformed X.509 IPAdressFamily could cause OOB read - CVE-2017-3736: openssl: bn_sqrx8x_internal carry bug on x86_64 - Out of bounds read+crash in DES_fcrypt - openssl DEFAULT_SUSE cipher ... oval:org.secpod.oval:def:1800720 CVE-2017-3735: Malformed X.509 IPAdressFamily could cause OOB read; If an X.509 certificate has a malformed IPAddressFamily extension,OpenSSL could do a one-byte buffer over read. The most likely result would be an erroneous display of the certificate in text format. Fixed In Version: openssl 1.0.2m ... oval:org.secpod.oval:def:1800292 CVE-2017-3735: Malformed X.509 IPAdressFamily could cause OOB read If an X.509 certificate has a malformed IPAddressFamily extension,OpenSSL could do a one-byte buffer overread. The most likely result would be an erroneous display of the certificate in text format. Fixed In Version openssl 1.0.2m, o ... oval:org.secpod.oval:def:113534 The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries and is provided for compatibility with previous releases and software that does not support compilation with OpenSSL-1.1. oval:org.secpod.oval:def:113456 The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries and is provided for compatibility with previous releases and software that does not support compilation with OpenSSL-1.1. oval:org.secpod.oval:def:113571 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:51531 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:88279 The host is installed with Oracle VM VirtualBox before 5.1.32 or 5.2.4 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Core (OpenSSL). Successful exploitation allows attackers to affect Confidentiality. oval:org.secpod.oval:def:43224 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:53170 Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2017-3735 It was discovered that OpenSSL is prone to a one-byte buffer overread while parsing a malformed IPAddressFamily ex ... oval:org.secpod.oval:def:113486 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:53169 Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2017-3735 It was discovered that OpenSSL is prone to a one-byte buffer overread while parsing a malformed IPAddressFamily ex ... oval:org.secpod.oval:def:113480 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. oval:org.secpod.oval:def:1800554 CVE-2017-3735: Malformed X.509 IPAdressFamily could cause OOB read. If an X.509 certificate has a malformed IPAddressFamily extension,OpenSSL could do a one-byte buffer overread. The most likely result would be an erroneous display of the certificate in text format. Fixed In Version: openssl 1.0.2m, ... oval:org.secpod.oval:def:603154 Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2017-3735 It was discovered that OpenSSL is prone to a one-byte buffer overread while parsing a malformed IPAddressFamily ex ... oval:org.secpod.oval:def:603153 Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2017-3735 It was discovered that OpenSSL is prone to a one-byte buffer overread while parsing a malformed IPAddressFamily ex ... oval:org.secpod.oval:def:502273 OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: * openssl: bn_sqrx8x_internal carry bug on x86_64 * openssl: Read/write after SSL object in error state * openssl: ... oval:org.secpod.oval:def:1502170 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700029 bn_sqrx8x_internal carry bug on x86_64There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to ... oval:org.secpod.oval:def:1000609 The remote host is missing a patch 151913-11 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1000608 The remote host is missing a patch 151912-11 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:505383 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP20. Security Fix: * IBM JDK: privilege escalation via insufficiently restricted access to Attach API * openssl: BN_mod_exp may produce inc ... oval:org.secpod.oval:def:89002462 This update for java-1_8_0-ibm to 8.0.5.20 fixes the following security issues: - CVE-2018-2952: Vulnerability in subcomponent: Concurrency. Difficult to exploit vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit ... oval:org.secpod.oval:def:89002262 This update for java-1_8_0-ibm to 8.0.5.20 fixes the following security issues: - CVE-2018-2952: Vulnerability in subcomponent: Concurrency. Difficult to exploit vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit ... oval:org.secpod.oval:def:505653 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP20. Security Fix: * IBM JDK: privilege escalation via insufficiently restricted access to Attach API * openssl: BN_mod_exp may produce inc ... oval:org.secpod.oval:def:505578 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP20. Security Fix: * IBM JDK: privilege escalation via insufficiently restricted access to Attach API * openssl: BN_mod_exp may produce inc ... oval:org.secpod.oval:def:89043994 This update contains the Mozilla Firefox ESR 68.2 release. Mozilla Firefox was updated to ESR 68.2 release: * Enterprise: New administrative policies were added. More information and templates are available at the Policy Templates page. * Various security fixes: MFSA 2019-33 * CVE-2019-15903: Heap ... |