1177 matches found
Cisco Firepower Threat Defense RCE (cisco-sa-20191112-asa-ftd-lua-rce)
A remote code execution vulnerability exists in the Lua interpreter of Cisco Firepower Threat Defense (FTD) software due to insufficient restrictions on the allowed Lua function calls within the context of user-supplied Lua scripts. An authenticated, remote attacker can exploit this to bypass...
Cisco Adaptive Security Appliance RCE (cisco-sa-20191112-asa-ftd-lua-rce)
A remote code execution vulnerability exists in the Lua interpreter of Cisco Adaptive Security Appliance (ASA) software due to insufficient restrictions on the allowed Lua function calls within the context of user-supplied Lua scripts. An authenticated, remote attacker can exploit this to bypass...
CentOS 7 : kernel (CESA-2019:3834)
An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...
Cisco NX-OS Software Command Injection (cisco-sa-20190515-nxos-cmdinj-1770)
According to its self-reported version, Cisco NX-OS Software is affected by a command injection vulnerability due to insufficient validation of arguments passed to a specific CLI command. An authenticated, local attacker can exploit these vulnerabilities by including malicious input as the argume...
Cisco NX-OS Software Command Injection (cisco-sa-20190515-nxos-cmdinj-1776)
According to its self-reported version, Cisco NX-OS Software is affected by a command injection vulnerability due to insufficient validation of arguments passed to a specific CLI command on an affected device. An authenticated, local attacker can exploit this to execute arbitrary commands on the...
Cisco NX-OS Software Command Injection (cisco-sa-20190515-nxos-cmdinj-1783)
According to its self-reported version, Cisco NX-OS Software is affected by a command injection vulnerability due to insufficient validation of arguments passed to a specific CLI command on an affected device. An authenticated, local attacker can exploit this to execute arbitrary commands on the...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
RHEL 7 : kernel (RHSA-2019:3838)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3838 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: hw: Machine Check Error on Page Size...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
Cisco NX-OS Software Command Injection (CVE-2019-1784)
According to its self-reported version, Cisco NX-OS Software is affected by a command injection vulnerability due to insufficient validation of arguments passed to a specific CLI command on an affected device. An unauthenticated, local attacker can exploit this to execute arbitrary commands on th...
Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Command Injection Vulnerability
A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an authenticated, remote attacker with administrative privileges to inject arbitrary commands into the underlying operating system. When processed, the commands will be executed wit...
Vulnerability in the vfio kernel driver of the Linux operating system that allows an attacker to cause a service failure
The vulnerability in the vfio driver of the Linux operating system is related to uncontrolled resource consumption. Exploiting this vulnerability can allow an attacker to cause service failures...
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
Cisco NX-OS Software Command Injection Vulnerability (cisco-sa-20190925-nxos-vman-cmd-inj)
According to its self-reported version, Cisco NX-OS Software is affected by a vulnerability in a CLI command related to the virtualization manager (VMAN) that could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with...
Cisco IOS XE Virtualization Manager CLI Command Injection Vulnerability
Cisco IOS XE is a modular operating system based on the Linux kernel, developed by Cisco for its network equipment. A command injection vulnerability exists in Cisco IOS XE's CLI commands related to the Virtualization Manager. The vulnerability stems from insufficient validation of parameters...
RHEL 7 : kernel (RHSA-2019:2899)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2899 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: A buffer overflow flaw was found in th...
CVE-2019-12666
A vulnerability in the Guest Shell of Cisco IOS XE Software could allow an authenticated, local attacker to perform directory traversal on the base Linux operating system of Cisco IOS XE Software. The vulnerability is due to incomplete validation of certain commands. An attacker could exploit thi...