CVE-2018-20004

An issue has been found in Mini-XML aka mxml 2.12. It is a stack-based buffer overflow in mxmlwritenode in mxml-file.c via vectors involving a double-precision floating point number and the '' substring, as demonstrated by testmxml...

Mini-XML Buffer Overflow Vulnerability (CNVD-2019-09592)

Mini-XML is a small XML parsing library , without the need for large non-standard libraries to read XML data files or strings in the application . A stack buffer overflow vulnerability exists in mxmlwritenode in mxml-file.c in Mini-XML i.e., mxml 2.12, which can be exploited by an attacker to cau...

Securing Smart Manufacturing with Connected Threat Defense

By David Tay, the CIO of Beyonics You’d be hard pushed to find any organization today not involved in digital transformation projects. But the manufacturing sector was arguably one of the first to the game. Back in 2011, the German government first coined the term Industry 4.0 to describe the...

The vulnerability of the Local Packet Transport Service (LPTS) component in Cisco ASR 9000 routers allows a hacker to trigger a service failure.

The vulnerability of the Local Packet Transport Service LPTS component of Cisco ASR 9000 routers is related to the lack of input verification using the Precision Time Protocol PTP. Exploiting this vulnerability allows a malicious actor to remotely trigger a service failure...

The vulnerability in the implementation of the Precision Time Protocol (PTP) in the network operating system of Cisco NX-OS on Cisco Nexus switches of the 5500, 5600, and 6000 series allows a attacker to cause a service failure.

The vulnerability of the Precision Time Protocol PTP implementation in the network operating system of Cisco NX-OS on Cisco Nexus series 5500, 5600, and 6000 switches is caused by errors in processing input data. Exploiting this vulnerability can allow a malicious actor to cause service...

Heap Feng Shader: Exploiting SwiftShader in Chrome

Posted by Mark Brand, Google Project Zero On the majority of systems, under normal conditions, SwiftShader will never be used by Chrome - it’s used as a fallback if you have a known-bad “blacklisted” graphics card or driver. However, Chrome can also decide at runtime that your graphics driver is...

DEBIAN-CVE-2018-12367

In the previous mitigations for Spectre, the resolution or precision of various methods was reduced to counteract the ability to measure precise time intervals. In that work PerformanceNavigationTiming was not adjusted but it was found that it could be used as a precision timer. This vulnerabilit...

CVE-2018-12367

In the previous mitigations for Spectre, the resolution or precision of various methods was reduced to counteract the ability to measure precise time intervals. In that work PerformanceNavigationTiming was not adjusted but it was found that it could be used as a precision timer. This vulnerabilit...

CVE-2018-0378

A vulnerability in the Precision Time Protocol PTP feature of Cisco Nexus 5500, 5600, and 6000 Series Switches running Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to a lack of...

Design/Logic Flaw

A vulnerability in the Precision Time Protocol PTP feature of Cisco Nexus 5500, 5600, and 6000 Series Switches running Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to a lack of...

CVE-2018-0378 Cisco NX-OS Software for Nexus 5500, 5600, and 6000 Series Switches Precision Time Protocol Denial of Service Vulnerability

A vulnerability in the Precision Time Protocol PTP feature of Cisco Nexus 5500, 5600, and 6000 Series Switches running Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to a lack of...

CVE-2018-0378

CVE-2018-0378 affects Cisco Nexus 5500/5600/6000 series switches running NX-OS. The issue is in the Precision Time Protocol (PTP) implementation, caused by a lack of protection against PTP frame flood attacks. An unauthenticated, remote attacker can send large streams of malicious IPv4/IPv6 PTP t...

CVE-2018-0473

A vulnerability in the Precision Time Protocol PTP subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets. An attacker could explo...

CVE-2018-0473

A vulnerability in the Precision Time Protocol PTP subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets. An attacker could explo...

Design/Logic Flaw

A vulnerability in the Precision Time Protocol PTP subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets. An attacker could explo...

CVE-2018-0473 Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability

A vulnerability in the Precision Time Protocol PTP subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets. An attacker could explo...

Cybersecurity Threats to Precision Agriculture

DHS has released a report to address cybersecurity threats to new precision agriculture technologies used in crop and livestock production. Precision agriculture employs a variety of embedded and connected technologies to generate data used to enhance agricultural and livestock management. As...

Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability

Cisco 2500 Series Connected Grid Switches are different models of switches from Cisco.IOS Software is a set of operating systems developed by Cisco for its network devices.Precision Time Protocol PTP is one of the high precision time synchronization protocol subsystems. Precision Time Protocol PT...

Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability

A vulnerability in the Precision Time Protocol PTP subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets. An attacker could explo...

UBUNTU-CVE-2018-16152

In verifyemsapkcs1signature in gmprsapublickey.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS1 v1.5 signature verification. Consequently, a remote attacker can forge...