The vulnerability in the implementation of the Simple Network Management Protocol (SNMP) on Cisco IOS XE-based Catalyst access points and Cisco Catalyst 9800 and 9800-CL for Cloud wireless network controllers allows a attacker to cause service interruptions.

The vulnerability of the Simple Network Management Protocol SNMP implementation in Cisco IOS XE Catalyst access points and Cisco Catalyst 9800 and 9800-CL for Cloud wireless network controllers is related to a numerical overflow issue. Exploiting this vulnerability could allow an attacker to...

The vulnerability of the DNS query handler in microprogramming-based network interface controllers of Cisco Adaptive Security Appliances (ASA) and Cisco Firepower Threat Defense (FTD) allows attackers to induce service failures.

The vulnerability of the DNS query handler in microprogramming-based network interface controllers of Cisco Adaptive Security Appliances ASA and Cisco Firepower Threat Defense FTD is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to...

TrueStack Direct Connect 安全漏洞

TrueStack Direct Connect is a VPN management server from TrueStack USA, Inc. for easily connecting Windows and Mac computers to Windows domain controllers and file servers in the AWS cloud. A security vulnerability exists in TrueStack Direct Connect 1.4.7 that stems from incorrect application...

Exposure of Resource to Wrong Sphere in Spring Data REST

In Spring Data REST versions 3.4.0 - 3.4.13, 3.5.0 - 3.5.5, and older unsupported versions, HTTP resources implemented by custom controllers using a configured base API path and a controller type-level request mapping are additionally exposed under URIs that can potentially be exposed for...

GHSA-4926-QPXG-6R3W Exposure of Resource to Wrong Sphere in Spring Data REST

In Spring Data REST versions 3.4.0 - 3.4.13, 3.5.0 - 3.5.5, and older unsupported versions, HTTP resources implemented by custom controllers using a configured base API path and a controller type-level request mapping are additionally exposed under URIs that can potentially be exposed for...

OpenStack Neutron Denial of Service vulnerability

An issue was discovered in the routes middleware in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. By making API requests involving nonexistent controllers, an authenticated user may cause the API worker to consume increasing amounts of memory, resulting in API...

Rockwell Automation Logix Controllers 资源管理错误漏洞

Rockwell Automation Logix Controllers is a high-performance control platform from Rockwell Automation. Use this single platform to perform sequence, process, drive, or motion control in any combination. A resource management error vulnerability exists in Rockwell Automation Logix Controllers, whi...

Rockwell Automation Logix Controllers

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely Vendor: Rockwell Automation Equipment: Logix Controllers Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an unauthorized user to send malicious messages to...

CVE-2020-16231

The affected Bachmann Electronic M-Base Controllers of version MSYS v1.06.14 and later use weak cryptography to protect device passwords. Affected controllers that are actively supported include MX207, MX213, MX220, MC206, MC212, MC220, and MH230 hardware controllers, and affected end-of-life...

CVE-2020-16231

The affected Bachmann Electronic M-Base Controllers of version MSYS v1.06.14 and later use weak cryptography to protect device passwords. Affected controllers that are actively supported include MX207, MX213, MX220, MC206, MC212, MC220, and MH230 hardware controllers, and affected end-of-life...

Default credentials

The affected Bachmann Electronic M-Base Controllers of version MSYS v1.06.14 and later use weak cryptography to protect device passwords. Affected controllers that are actively supported include MX207, MX213, MX220, MC206, MC212, MC220, and MH230 hardware controllers, and affected end-of-life...

CVE-2020-16231 All Bachmann M1 System Processor Modules - Use of Password Hash with Insufficient Computational Effort

The affected Bachmann Electronic M-Base Controllers of version MSYS v1.06.14 and later use weak cryptography to protect device passwords. Affected controllers that are actively supported include MX207, MX213, MX220, MC206, MC212, MC220, and MH230 hardware controllers, and affected end-of-life...

CVE-2020-16231 All Bachmann M1 System Processor Modules - Use of Password Hash with Insufficient Computational Effort

The affected Bachmann Electronic M-Base Controllers of version MSYS v1.06.14 and later use weak cryptography to protect device passwords. Affected controllers that are actively supported include MX207, MX213, MX220, MC206, MC212, MC220, and MH230 hardware controllers, and affected end-of-life...

CVE-2020-16231

CVE-2020-16231 affects all Bachmann M-Base Controllers running MSYS v1.06.14 and newer. The vulnerability stems from weak cryptography used to protect device passwords, with Security Level 0 set by default in many models (e.g., MX207, MX213, MX220, MC206, MC212, MC220, MH230 actively supported; o...

KB5014986: Authentication failures occur after the May 10, 2022 update is installed on domain controllers running Windows Server 2012 R2

KB5014986: Authentication failures occur after the May 10, 2022 update is installed on domain controllers running Windows Server 2012 R2 Summary This update includes improvements for the following issue: Addresses a known issue that might cause authentication failures for some services on a serve...

May 19, 2022—KB5015018 (OS Build 17763.2931) Out-of-band

May 19, 2022—KB5015018 OS Build 17763.2931 Out-of-band Note: To improve the information presented in the history pages and related KBs and make them more useful to our customers, we have created an anonymous survey for you to share your comments and feedback. 11/17/20 For information about Window...

KB5014991: Authentication failures occur after the May 10, 2022 update is installed on domain controllers running Windows Server 2012

KB5014991: Authentication failures occur after the May 10, 2022 update is installed on domain controllers running Windows Server 2012 Summary This update includes improvements for the following issue: Addresses a known issue that might cause authentication failures for some services on a server o...

KB5014990: Authentication failures occur after the May 10, 2022 update is installed on domain controllers running Windows Server 2008 SP2

KB5014990: Authentication failures occur after the May 10, 2022 update is installed on domain controllers running Windows Server 2008 SP2 Summary This update includes improvements for the following issue: Addresses a known issue that might cause authentication failures for some services on a serv...

May 19, 2022—KB5015020 (OS Builds 19042.1708, 19043.1708, and 19044.1708) Out-of-band

May 19, 2022—KB5015020 OS Builds 19042.1708, 19043.1708, and 19044.1708 Out-of-band Note: To improve the information presented in the history pages and related KBs and make them more useful to our customers, we have created an anonymous survey for you to share your comments and feedback. UPDATED...

May 19, 2022—KB5015013 (OS Build 20348.709) Out-of-band

May 19, 2022—KB5015013 OS Build 20348.709 Out-of-band For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find...