Fedora 31 : mosquitto (2019-4c69fb4cd7)

1.6.7 ===== Broker : - Add workaround for working with libwebsockets 3.2.0. - Fix potential crash when reloading config. Client library : - Don't use / in autogenerated client ids, to avoid confusing with topics. - Fix mosquittomaxinflightmessagesset and mosquittointoption..., MOSQOPTMAX,...

Multiple Cisco Products CVE-2019-12700 Denial of Service Vulnerability

Description Multiple Cisco Products are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the resource exhaustion and reload the affected device, denying service to legitimate users. This issue is being tracked by Cisco bug IDs CSCvm92401, CSCvn83385...

CVE-2019-12700

A vulnerability in the configuration of the Pluggable Authentication Module PAM used in Cisco Firepower Threat Defense FTD Software, Cisco Firepower Management Center FMC Software, and Cisco FXOS Software could allow an authenticated, remote attacker to cause a denial of service DoS condition. Th...

CVE-2019-12677

A vulnerability in the Secure Sockets Layer SSL VPN feature of Cisco Adaptive Security Appliance ASA Software could allow an authenticated, remote attacker to cause a denial of service DoS condition that prevents the creation of new SSL/Transport Layer Security TLS connections to an affected...

PT-2019-3391 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the Internet Key Exchange version 1 IKEv1 feature could allow an unauthenticated,...

Cisco IOS XE Denial of Service Vulnerability (CNVD-2019-36642)

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A denial of service vulnerability exists in the files of Cisco IOS XE. The vulnerability stems from ineffective management of the underlying file system resources. An attacker cou...

Cisco IOS XE UTD Denial of Service Vulnerability

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A denial of service vulnerability exists in the Unified Threat Defense UTD feature of Cisco IOS XE. The vulnerability stems from improper authentication of IPv6 packets by the UTD...

CVE-2019-12657

A vulnerability in Unified Threat Defense UTD in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper validation of IPv6 packets through the UTD feature. An attacker could exploit this vulnerability by...

CVE-2019-12657

A vulnerability in Unified Threat Defense UTD in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper validation of IPv6 packets through the UTD feature. An attacker could exploit this vulnerability by...

CVE-2019-12655

A vulnerability in the FTP application layer gateway ALG functionality used by Network Address Translation NAT, NAT IPv6 to IPv4 NAT64, and the Zone-Based Policy Firewall ZBFW in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The...

CVE-2019-12654

A vulnerability in the common Session Initiation Protocol SIP library of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service DoS condition. The vulnerability is due to insufficient sanity checks ...

Input validation

A vulnerability in Unified Threat Defense UTD in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper validation of IPv6 packets through the UTD feature. An attacker could exploit this vulnerability by...

CVE-2019-12654 Cisco IOS and IOS XE Software Session Initiation Protocol Denial of Service Vulnerability

A vulnerability in the common Session Initiation Protocol SIP library of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service DoS condition. The vulnerability is due to insufficient sanity checks ...

CVE-2019-12657 Cisco IOS XE Software Unified Threat Defense Denial of Service Vulnerability

A vulnerability in Unified Threat Defense UTD in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper validation of IPv6 packets through the UTD feature. An attacker could exploit this vulnerability by...

CVE-2019-12655

The CVE-2019-12655 issue affects Cisco IOS XE Software, specifically the FTP Application Layer Gateway (ALG) used with NAT, NAT64, and ZBFW. The vulnerability stems from a buffer overflow that occurs when the device inspects certain FTP traffic, enabling an unauthenticated, remote attacker to cau...

CVE-2019-12657

CVE-2019-12657 affects Cisco IOS XE Software Unified Threat Defense (UTD). The vulnerability stems from improper validation of IPv6 packets processed by UTD, allowing an unauthenticated, remote attacker to cause the device to reload and experience a DoS. Affected platforms are Cisco IOS XE device...

CVE-2019-12647

A vulnerability in the Ident protocol handler of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability exists because the affected software incorrectly handles memory structures, leading to a NULL pointer dereference...

CVE-2019-12646

A vulnerability in the Network Address Translation NAT Session Initiation Protocol SIP Application Layer Gateway ALG of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper processing of transient SIP...

Null pointer dereference

A vulnerability in the Ident protocol handler of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability exists because the affected software incorrectly handles memory structures, leading to a NULL pointer dereference...

CVE-2019-12646 Cisco IOS XE Software NAT Session Initiation Protocol Application Layer Gateway Denial of Service Vulnerability

A vulnerability in the Network Address Translation NAT Session Initiation Protocol SIP Application Layer Gateway ALG of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper processing of transient SIP...