CVE-2018-0095

A vulnerability in the administrative shell of Cisco AsyncOS on Cisco Email Security Appliance ESA and Content Security Management Appliance SMA could allow an authenticated, local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential wi...

CVE-2018-0095

A vulnerability in the administrative shell of Cisco AsyncOS on Cisco Email Security Appliance ESA and Content Security Management Appliance SMA could allow an authenticated, local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential wi...

The vulnerability of VMware NAT hypervisors in VMware Workstation and VMware Fusion allows a hacker to execute arbitrary code on the host operating system.

The vulnerability of the VMware NAT service vmnat.exe in VMware Workstation and VMware Fusion stems from an operation that occurs outside the buffer in memory. Exploiting this vulnerability allows a malicious actor, operating locally on the guest operating system, to execute arbitrary code on the...

Cisco Email Security and Content Security Management Appliance Privilege Escalation Vulnerability

A vulnerability in the administrative shell of the Cisco Email Security Appliance ESA and Content Security Management Appliance SMA could allow an authenticated, local attacker to escalate their privilege level and gain root access. The attacker has to have a valid user credential with at least a...

Lenovo Patches Networking OS Vulnerability Dating Back to 2004

Lenovo patched a flaw in its networking operating system dating back to 2004 that allowed attackers to perform an authentication bypass attack via a mechanism called “HP Backdoor.” If exploited, an attacker could gain admin-level access on affected switches, Lenovo said. The vulnerability is rate...

Lenovo removes backdoor present in networking switches since 2004

By Waqas Engineers at Chinese firm Lenovo have identified a backdoor in This is a post from HackRead.com Read the original post: Lenovo removes backdoor present in networking switches since 2004...

HPSBPI03574 rev. 2 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products

Potential Security Impact Remote disclosure of information. Source:Mathy Vanhoef of imec-DistriNet, KU Leuven VULNERABILITY SUMMARY A potential security vulnerability has been identified with certain HP Printers and MFPs, and HP JetDirect Networking accessories using WPA or WPA2. This vulnerabili...

Lenovo, IBM RackSwitch and BladeCenter Switch Enterprise Networking Operating System Authentication Bypass Vulnerability

Lenovo RackSwitch and BladeCenter are switches from Lenovo in China.IBM RackSwitch and BladeCenter are switches from IBM in the U.S. Enterprise Networking Operating System ENOS is a set of enterprise networking operating systems that run on them. Enterprise Networking Operating System ENOS is a s...

CVE-2017-3765

In Enterprise Networking Operating System ENOS in Lenovo and IBM RackSwitch and BladeCenter products, an authentication bypass known as "HP Backdoor" was discovered during a Lenovo security audit in the serial console, Telnet, SSH, and Web interfaces. This bypass mechanism can be accessed when...

openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2018-14)

This update for java-170-openjdk fixes the following issues : Security issues fixed : - CVE-2017-10356: Fix issue inside subcomponent Security bsc1064084. - CVE-2017-10274: Fix issue inside subcomponent Smart Card IO bsc1064071. - CVE-2017-10281: Fix issue inside subcomponent Serialization...

Security update for java-1_7_0-openjdk (important)

This update for java-170-openjdk fixes the following issues: Security issues fixed: - CVE-2017-10356: Fix issue inside subcomponent Security bsc1064084. - CVE-2017-10274: Fix issue inside subcomponent Smart Card IO bsc1064071. - CVE-2017-10281: Fix issue inside subcomponent Serialization...

January 3, 2018—KB4056893 (OS Build 10240.17738)

January 3, 2018—KB4056893 OS Build 10240.17738 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses issue where using smart cards on a Windows Terminal Server system may cause excessi...

January 3, 2018—KB4056892 (OS Build 16299.192)

January 3, 2018—KB4056892 OS Build 16299.192 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses issue that may uninstall some Microsoft Store apps on systems that have KB4054517...

January 3, 2018—KB4056890 (OS Build 14393.2007)

January 3, 2018—KB4056890 OS Build 14393.2007 Note The release also contains updates for Windows 10 Mobile OS Build 14393.2007 released on January 5, 2018 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key...

CPP-Ethereum JSON-RPC admin_peers improper authorization Vulnerability

Summary An exploitable improper authorization vulnerability exists in adminpeers API of cpp-ethereum’s JSON-RPC commit 4e1015743b95821849d001618a7ce82c7c073768. A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send JSON to trigg...

SUSE SLED12 / SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2018:0005-1)

This update for java-170-openjdk fixes the following issues: Security issues fixed : - CVE-2017-10356: Fix issue inside subcomponent Security bsc1064084. - CVE-2017-10274: Fix issue inside subcomponent Smart Card IO bsc1064071. - CVE-2017-10281: Fix issue inside subcomponent Serialization...

January 4, 2018—KB4056896 (Monthly Rollup)

January 4, 2018—KB4056896 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4054520released December 12, 2017 and addresses the following issues: Security updates to Windows SMB Server, Windows Kernel, Windows Datacenter...

January 8, 2018—KB4056895 (Monthly Rollup)

January 8, 2018—KB4056895 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4054519 released December 12, 2017. It addresses the following issues: Security updates to Windows Kernel, Windows Datacenter Networking, Windows...

January 3, 2018—KB4056899 (Security-only update)

January 3, 2018—KB4056899 Security-only update Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Security updates to Windows SMB Server, Windows Kernel, Windows Datacenter Networkin...

January 3, 2018—KB4056898 (Security-only update)

January 3, 2018—KB4056898 Security-only update Improvements and fixes This security update includes quality improvements. No new operating system features are introduced in this update. Key changes include: Security updates to Windows SMB Server, Windows Kernel, Windows Datacenter Networking, and...