4653 matches found
Security Bulletin: IBM Netcool/OMNIbus Probe DSL Factory Framework is affected by Apache Camel's Core vulnerability
Summary IBM Netcool/OMNIbus Probe DSL Factory Framework probe-dsl-framework-40 has addressed the following vulnerability caused by Apache Camel's Core component. Vulnerability Details CVEID: CVE-2018-8027 DESCRIPTION: Apache Camel's Core could allow a remote attacker to obtain sensitive...
Security update for gnutls (moderate)
This update for gnutls fixes the following issues: Security issues fixed: - Improved mitigations against Lucky 13 class of attacks - CVE-2018-10846: "Just in Time" PRIME + PROBE cache-based side channel attack can lead to plaintext recovery bsc1105460 - CVE-2018-10845: HMAC-SHA-384 vulnerable to...
SUSE SLES12 Security Update : gnutls (SUSE-SU-2018:2825-1)
This update for gnutls fixes the following issues : This update for gnutls fixes the following issues : Security issues fixed : Improved mitigations against Lucky 13 class of attacks 'Just in Time' PRIME + PROBE cache-based side channel attack can lead to plaintext recovery CVE-2018-10846,...
CVE-2018-5871
In Snapdragon Automobile, Mobile, Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660,...
CVE-2018-11290
In Snapdragon Automobile, Mobile, Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, QCA6584, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820A, SD 845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDX20, SnapdragonHighMed2016, MAC...
Code injection
In Snapdragon Automobile, Mobile, Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660,...
CVE-2018-11290
In Snapdragon Automobile, Mobile, Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, QCA6584, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820A, SD 845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDX20, SnapdragonHighMed2016, MAC...
CVE-2018-11276
In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, double free of memory allocation is possible in Kernel when it explicitly tries to free that memory on driver probe failure, since memory allocated is automatically freed on probe...
Covert Backdoor Transmission Method: GhostTunnel
GhostTunnel is a covert backdoor transmission method that can be used in an isolated environment. It can attack the target through the HID device only to release the payload agent, then the HID device can be removed after the payload is released. GhostTunnel use 802.11 Probe Request Frames and...
DEBIAN-CVE-2018-10846
A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets...
CVE-2018-10846
A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets...
UBUNTU-CVE-2018-10846
A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets...
Rogue Access Point Toolkit : hostapd-mana
hostapd-mana is a featureful rogue wifi access point tool. It can be used for a myriad of purposes from tracking and deanonymising devices aka Snoopy, gathering corporate credentials from devices attempting EAP aka WPE or attracting as many devices as possible to connect to perform MitM attacks...
ALPINE-CVE-2018-15173
Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service stack consumption and application crash via a crafted TCP-based service...
More Federal Agencies Wrapped Up in Facebook Data Privacy Probe
The Securities and Exchange Commission, FBI, and the Department of Justice are now reportedly investigating the social media giant after it failed to disclose that more than the data of 70 million platform users had leaked through a third-party application, sources told the Washington Post, Monda...
ntop-ng Authentication Bypass
Vulnerability title: ntop-ng 3.4.180617 - Authentication Bypass Author: Ioannis Profetis Contact: me at x86.re Vulnerable versions: 3.4.180617-4560 Fixed version: 3.4.180617 Link: ntop.org Date: 2.07.2018 CVE-2018-12520 Product Details ntopng is the next generation version of the original ntop, a...
broadcast-jenkins-discover NSE Script
Discovers Jenkins servers on a LAN by sending a discovery broadcast probe. For more information about Jenkins auto discovery, see: Script Arguments broadcast-jenkins.address address to which the probe packet is sent. default: 255.255.255.255 broadcast-jenkins.timeout socket timeout default: 5s...
broadcast-hid-discoveryd NSE Script
Discovers HID devices on a LAN by sending a discoveryd network broadcast probe. For more information about HID discoveryd, see: Script Arguments broadcast-hid-discoveryd.timeout socket timeout default: 5s broadcast-hid-discoveryd.address address to which the probe packet is sent. default:...
Probequest - Toolkit For Playing With Wi-Fi Probe Requests
Toolkit allowing to sniff and display the Wi-Fi probe requests passing near your wireless interface. Probe requests are sent by a station to elicit information about access points, in particular to determine if an access point is present or not in the nearby environment. Some devices mostly...
UBUNTU-CVE-2018-5814
In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP packets...