Treck IP stacks contain multiple vulnerabilities

Overview Treck IP stack implementations for embedded systems are affected by multiple vulnerabilities. This set of vulnerabilities was researched and reported by JSOF, who calls them Ripple20. Description Treck IP network stack software is designed for and used in a variety of embedded systems. T...

BSA-2020-1019

Security Advisory ID : BSA-2020-1019 Component : Treck IP stack Revision : 1.0: Final Treck IP stack implementations for embedded systems are affected by multiple vulnerabilities. This set of vulnerabilities was researched and reported by JSOF, who calls themRipple20. More information is...

New LTE Network Flaw Could Let Attackers Impersonate 4G Mobile Users

A group of academics from Ruhr University Bochum and New York University Abu Dhabi have uncovered security flaws in 4G LTE and 5G networks that could potentially allow hackers to impersonate users on the network and even sign up for paid subscriptions on their behalf. The impersonation attack —...

Microsoft Windows Multiple Vulnerabilities (KB4523205)

This host is missing a critical security update according to Microsoft KB4523205 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

Microsoft Windows Multiple Vulnerabilities (KB4525237)

This host is missing a critical security update according to Microsoft KB4525237 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

KB4523205: Windows 10 Version 1809 and Windows Server 2019 November 2019 Security Update

The remote Windows host is missing security update 4523205. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel. An attacker who successfully exploited the vulnerability...

Interpeak IPnet TCP/IP Stack (Update D)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendors: ENEA, Green Hills Software, ITRON, IP Infusion, Wind River Equipment: OSE by ENEA, INTEGRITY RTOS by Green Hills Software, ITRON, ZebOS by IP Infusion, and VxWorks by...

openSUSE Security Update : links (openSUSE-2019-2185)

This update for links fixes the following issues : links was updated to 2.20.1 : - libevent bug fixes links was updated to 2.20 : - Security bug fixed: when links was connected to tor, it would send real dns requests outside the tor network when the displayed page contains link elements with...

URGENT/11: VxWorks RTOS 11 0 day vulnerabilities affect 20 million device-bug warning-the black bar safety net

Armis Labs security researchers recently in the currently most widely used embedded devices in real timeoperating system real-time operating systems, RTOS）VxWorks found 11 a 0 day vulnerability, theoperating systemis widely used in aerospace, defense, industrial, medical, electronic, network, and...

RTOS VxWorks multiple high-risk vulnerability alerts-a vulnerability alert-the black bar safety net

Armis researchers in the VxWorks discovered 11 zero-day vulnerabilities, VxWorks is a popular real timeoperating system（RTOS）, is more than 20 million devices in use, including industrial, medical and business equipment and other mission-critical equipment. These vulnerabilities are referred to...

Wind River VxWorks Multiple Vulnerabilities (URGENT/11)

According to its self-reported version, the remote device is potentially affected by multiple Wind River VxWorks remote code execution and denial-of-service vulnerabilities in the IPnet TCP/IP stack. An unauthenticated, remote, attacker could leverage these vulnerabilities to gain full access to...

Xerox WorkCentre Multiple Vulnerabilities (XRX19-016) (URGENT/11)

According to its self-reported version, the remote Xerox WorkCentre is affected by multiple remote code execution and denial-of-service vulnerabilities in the IPnet TCP/IP stack. An unauthenticated, remote, attacker could leverage these vulnerabilities to gain full access to the affected device o...

Microsoft Windows Multiple Vulnerabilities (KB4493446)

This host is missing a critical security update according to Microsoft KB4493446 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

KB4493475: Windows 10 April 2019 Security Update

The remote Windows host is missing security update 4493475. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard when Windows improperly handles calls to the LUAFV driver luafv.sys...

KB4493474: Windows 10 Version 1703 April 2019 Security Update

The remote Windows host is missing security update 4493474. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard when Windows improperly handles calls to the LUAFV driver luafv.sys...

Cisco Application Policy Infrastructure Controller Linux Kernel IP Fragment Reassembly DoS

According to its self-reported version, the Cisco Application Policy Infrastructure Controller APIC is affected by a vulnerability in the IP stack that is used by the Linux Kernel publicly known as FragmentSmack. The vulnerability could allow an unauthenticated, remote attacker to cause a denial ...

CVE-2018-5915

Exception in Modem IP stack while processing IPv6 packet in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660,...

Design/Logic Flaw

Exception in Modem IP stack while processing IPv6 packet in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660,...

CVE-2018-5915

Exception in Modem IP stack while processing IPv6 packet in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660,...

CVE-2018-5915

CVE-2018-5915 : Exception in the Modem IP stack while processing IPv6 packets affects Qualcomm/Qualcomm-based Snapdragon automotive, mobile, and wearables platforms (MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/212/205, SD 425, SD 430, SD 712/710/670, SD 820/820A/835/845/850, SDA660, SD...