RancherOS < 1.5.3 Multiple Vulnerabilities (SACK Panic)

The remote host is running a version of RancherOS prior to v1.5.3, hence is exposed to multiple vulnerabilities: - Linux Kernel is prone to a remote integer-overflow vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. CVE-2019-11477 - RancherOS is vulnerable t...

CVE-2019-10584

Possibility of out of bound access in debug queue, if packet size field is corrupted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,...

CVE-2019-10584

CVE-2019-10584 affects Qualcomm/Snapdragon components (Snapdragon Auto, Compute, Connectivity, Consumer IOT/Industrial IOT, Mobile, Wearables, etc.) with an out-of-bounds access in the debug queue when the packet size field is corrupted. The issue is documented across multiple vendors, including ...

CVE-2019-10584

Possibility of out of bound access in debug queue, if packet size field is corrupted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,...

Cisco IOS XE Software Switch Integrated Security Features IPv6 DoS (cisco-sa-20180328-sisf)

According to its self-reported version, Cisco IOS XE Software is affected by a denial of service DoS vulnerability in the Switch Integrated Security Features due to incorrect handling of crafted IPv6 packets. An unauthenticated, remote attacker can exploit this, by sending crafted IPv6 packets to...

IBM MQ and IBM MQ Appliance Denial of Service Vulnerability (CNVD-2019-46452)

IBM MQ IBM WebSphere MQ and IBM MQ Appliance are both products of IBM Corporation, U.S.A. IBM MQ is a messaging middleware product. The product focuses on providing a reliable and proven messaging backbone for Service Oriented Architecture SOA.IBM MQ Appliance is an all-in-one appliance for rapid...

Memory Leaks

kubernetes is vulnerable to memory leaks. If an event in the queue takes a long time expire, the previous nextReadyAt timers will pile up and the memory will potentially be exhausted, resulting in an application crash...

DEBIAN-CVE-2019-19377

In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfsqueuework in fs/btrfs/async-thread.c...

UBUNTU-CVE-2019-19377

In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfsqueuework in fs/btrfs/async-thread.c...

kernel: local attacker can trigger multiple use-after-free conditions results in privilege escalation

A flaw was found in the way the Linux kernel's networking subsystem handled the write queue between TCP disconnection and re-connections. A local attacker could use this flaw to trigger multiple use-after-free conditions potentially escalating their privileges on the system...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the D-Link DSL-6740U gateway Rev. H1 allow remote attackers to hijack the authentication of administrators for requests that change administrator credentials or enable remote management services to 1 Custom Services in Port Forwarding, 2...

Taking Reputation to Scale: An Iterative Journey with an Agile Approach (Part 2)

In Part 1 of this blog, we shared with you the challenges we had in balancing latency, scalability, and cost for our reputation services. In this blog, we’ll give you some insights into each major iteration along that journey, from the beginning to where we are now. 100 requests per second. Befor...

openSUSE Security Update : qemu (openSUSE-2019-2505)

This update for qemu fixes the following issues : - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15 - Fix use-after-free in slirp CVE-2018-20126 bsc1119991 - Fix potential DOS in lsi scsi controller emulation CVE-2019-12068 bsc1146873 - Expose taa-no 'feature',...

HTTP/2: flood using SETTINGS frames results in unbounded memory growth

A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

HTTP/2: flood using HEADERS frames results in unbounded memory growth

A flaw was found in HTTP/2. Using HEADER frames with invalid HTTP headers and queuing of response RSTSTREAM frames, an attacker could cause a flood resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

CVE-2019-16950

An XSS issue was discovered in Enghouse Web Chat 6.1.300.31 and 6.2.284.34. The QueueName parameter of a GET request allows for insertion of user-supplied JavaScript...

SUSE-SU-2019:2956-1 Security update for qemu

This update for qemu fixes the following issues: - Remove a backslash '' escape character from 80-qemu-ga.rules bsc1153358 Unlike sles 15 or newer guests, The udev rule file of qemu guest agent in sles 12 sp4 or newer guest only needs one escape character. - Fix use-after-free in slirp...

kernel: net-sysfs: *_queue_add_kobject refcount issue

A flaw was found in the way the rxqueueaddkobject and netdevqueueaddkobject functions in the Linux kernel handled refcounting of certain objects. This flaw allows a local user who can trigger the error code path to use this vulnerability to disturb the integrity of the system...

kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c

A flaw was found in the Linux kernel’s block driver implementation blkdrainqueue function where a use-after-free condition could be triggered while draining the outstanding command queue in the systems block device subsystem. An attacker could use this flaw to crash the system or corrupt local...

Command injection

app/callcenters/cmd.php in the Call Center Queue Module in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated attackers with at least the permission callcenterqueueadd or callcenterqueueedit to execute any commands on...