The vulnerability of the GAS frame processing function in the 802.11 protocol of Cisco Wireless LAN Controllers allows a attacker to induce a service failure.

The vulnerability of the Generic Advertising Service GAS frame processing function in Cisco Wireless LAN Controllers based on the 802.11 protocol is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure ...

The vulnerability of the implementation of the Control and Provisioning of Wireless Access Points (CAPWAP) protocol in Cisco Wireless LAN Controller (WLC) software allows a attacker to cause a service failure.

The vulnerability of the Control and Provisioning of Wireless Access Points CAPWAP implementation in Cisco Wireless LAN Controller WLC software relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions by sending a special...

Multiple Mitsubishi Electric Products Resource Management Error Vulnerability

The Misubishi Electric MELSEC iQ-R series is a programmable logic controller from Misubishi Electric. A resource management error vulnerability exists in several Mitsubishi Electric products. An attacker could cause a denial of service by sending a large amount of data to the MELSOFT transport po...

3S-Smart Software Solutions CODESYS Development System Elevation of Privilege Vulnerability

3S-Smart Software Solutions CODESYS Development System is a set of programming tools for the field of industrial controllers and automation technology from 3S-Smart Software Solutions, Germany. A security vulnerability exists in CODESYS WebVisu and CODESYS Remote TargetVisu in 3S-Smart Software...

The vulnerability of the Secure Sockets Layer and Transport Layer Security implementations in Cisco Firepower Threat Defense’s microprogramming-based network interface controllers allows attackers to induce service failures.

The vulnerability of the Secure Sockets Layer and Transport Layer Security implementations of Cisco Firepower Threat Defense’s microprogramming-based network interface controllers is related to the execution of operations beyond the buffer in memory. Exploitation of this vulnerability could allow...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5670)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5670 advisory. - brcmfmac: add subtype check for event handling in data path John Donnelly Orabug: 30776354 CVE-2019-9503 - mwifiex: pcie: Fix memory leak in...

Warning: Citrix ShareFile Flaw Could Let Attackers Steal Corporate Secrets

Since the past few weeks, software giant Citrix has privately been rolling out a critical software update to its enterprise customers that patches multiple security vulnerabilities affecting Citrix ShareFile content collaboration platform. The security advisory—about which The Hacker News learned...

Authelia - The Single Sign-On Multi-Factor Portal For Web Apps

Authelia is an open-source authentication and authorization server providing 2-factor authentication and single sign-on SSO for your applications via a web portal. It acts as a companion of reverse proxies like nginx, Traefik or HAProxy to let them know whether queries should pass through...

Secure Your Azure Active Directory Domain Controllers

Working from home has become the new norm. In this article, we dive into why it is time to part ways with your on-premises domain controllers, get your devices registered to the Microsoft® Azure®, and enable a secure work from home environment...

The vulnerability of Microprogrammed Software in Modicon Controllers arises from the existence of rigidly encrypted user data, which allows a intruder to execute any command against the Modicon Controllers.

The vulnerability of Microprogrammed Software in Modicon Controllers stems from the existence of rigidly encoded configuration data used to transmit configuration files to Modicon Controllers. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands on Modicon...

The vulnerability of the programming software for PLCs (programmable logic controllers), namely EcoStruxure Control Expert, is related to deficiencies in access control. This vulnerability allows a intruder to bypass the authentication process between EcoStruxure Control Expert and the PLC.

The vulnerability of the EcoStruxure Control Expert programming tool for programmable logic controllers is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to bypass the authentication process between the EcoStruxure Control Expert and the...

Fedora: Security Advisory for dolphin-emu (FEDORA-2020-14cdf5fdf8)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-1957

A flaw was found in Apache Shiro. When using Spring dynamic controllers, a specially crafted request may cause an authentication bypass. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

[SECURITY] Fedora 31 Update: dolphin-emu-5.0.11617-7.fc31

Dolphin is a Gamecube, Wii and Triforce the arcade machine based on the Gamecube emulator, which supports full HD video with several enhancements such as compatibility with all PC controllers, turbo speed, networked multiplaye r, and more. Most games run perfectly or with minor bugs...

[SECURITY] Fedora 32 Update: dolphin-emu-5.0.11819-5.fc32

Dolphin is a Gamecube, Wii and Triforce the arcade machine based on the Gamecube emulator, which supports full HD video with several enhancements such as compatibility with all PC controllers, turbo speed, networked multiplaye r, and more. Most games run perfectly or with minor bugs...

CVE-2019-6859

A CWE-798: Use of Hardcoded Credentials vulnerability exists in Modicon Controllers All versions of the following CPUs and Communication Module product references listed in the Security Notifications, which could cause the disclosure of FTP hardcoded credentials when using the Web server of the...

Hardcoded credentials

A CWE-798: Use of Hardcoded Credentials vulnerability exists in Modicon Controllers All versions of the following CPUs and Communication Module product references listed in the Security Notifications, which could cause the disclosure of FTP hardcoded credentials when using the Web server of the...

CVE-2020-7488

A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 controllers...

CVE-2020-7488

A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 controllers...

CVE-2020-7487

The CVE-2020-7487 entry concerns Schneider Electric Modicon M218, M241, M251, and M258 controllers affected by CWE-345: Insufficient Verification of Data Authenticity. The Red Hat/NVD-related and Tenable/NASL data in connected documents corroborate that this is a data-authenticity issue allowing ...