Cisco IOS XE Software TrustSec Protected Access Credential Provisioning Denial of Service Vulnerability

A vulnerability in the Cisco TrustSec CTS Protected Access Credential PAC provisioning module of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service DoS condition. The vulnerability is due to improper...

Cisco IOS and IOS XE Software IP Ident Denial of Service Vulnerability

A vulnerability in the Ident protocol handler of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability exists because the affected software incorrectly handles memory structures, leading to a NULL pointer dereference...

Cisco IOS and IOS XE Software Session Initiation Protocol Denial of Service Vulnerability

A vulnerability in the common Session Initiation Protocol SIP library of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service DoS condition. The vulnerability is due to insufficient sanity checks ...

Cisco IOS XE Software ISDN Interface Denial of Service Vulnerability

According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability in the ISDN functions which could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect processing of specific values in the Q.931 information...

CVE-2019-1962

The CVE-2019-1962 issue affects Cisco NX-OS Software, specifically the Cisco Fabric Services over IP (CFSoIP) component. The root cause is insufficient validation of TCP packets processed by CFSoIP, which could let an unauthenticated, remote attacker send a malicious CFSoIP TCP packet to trigger ...

Cisco IOS XE Software Catalyst 4500 Cisco Discovery Protocol Denial of Service Vulnerability

According to its self-reported version, Cisco IOS XE Software is affected by following vulnerability - A vulnerability in the Easy Virtual Switching System VSS of Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an unauthenticated, adjacent attacker to cause the switches to...

keepalived security and bug fix update

1.3.5-16 - Rework previous miscscript/vrrpscript patch 1667292 1.3.5-15 - Rework previous checker comparison patch 1715308 1.3.5-14 - Make checker variables non global 1715308 1.3.5-13 - Fix comparison of checkers on reload 1715308 1.3.5-12 - Fix build errors 1678480 1.3.5-11 - Fix problems with...

SUSE SLED15 / SLES15 Security Update : libgcrypt (SUSE-SU-2019:1971-1)

This update for libgcrypt fixes the following issues : Security issue fixed : CVE-2019-12904: Fixed a flush-and-reload side-channel attack in the AES implementation bsc1138939. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisor...

SUSE-SU-2019:1971-1 Security update for libgcrypt

This update for libgcrypt fixes the following issues: Security issue fixed: - CVE-2019-12904: Fixed a flush-and-reload side-channel attack in the AES implementation bsc1138939...

OPENSUSE-SU-2019:1792-1 Security update for libgcrypt

This update for libgcrypt fixes the following issues: Security issues fixed: - CVE-2019-12904: The C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. The C implementation is used on platforms where an...

CVE-2019-1892

A vulnerability in the Secure Sockets Layer SSL input packet processor of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a memory corruption on an affected device. The vulnerability is due to improper validation of HTTPS...

CVE-2019-1891

A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper validation of requests sent to the web...

CVE-2019-1891 Cisco Small Business Series Switches HTTP Denial of Service Vulnerability

A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper validation of requests sent to the web...

SUSE SLED12 / SLES12 Security Update : dnsmasq (SUSE-SU-2019:1721-1)

This update for dnsmasq fixes the following issues : Security issue fixed : CVE-2017-15107: Fixed a vulnerability in DNSSEC implementation. Processing of wildcard synthesized NSEC records may result improper validation for non-existance. bsc1076958 Non-security issue fixed: Reload system dbus to...

5iSNS system is vulnerable to reloading

5iSNS Labs is dedicated to providing a source code for webmasters, with a new version of the system, covering features such as libraries and posts. 5iSNS system reloading vulnerability, an attacker can use the vulnerability to make the server denial of service...

CVE-2019-1904

A vulnerability in the web-based UI web UI of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI on an affected device. An attacke...

Input validation

A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denia...

CVE-2019-1869 Cisco StarOS Denial of Service Vulnerability

A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running on virtual platforms could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service DoS condition. The vulnerabili...

ALPINE-CVE-2019-12904

In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. The C implementation is used on platforms where an assembly-language implementation is unavailable. NOTE: the vendor's position is...

CVE-2019-12904

In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. The C implementation is used on platforms where an assembly-language implementation is unavailable. NOTE: the vendor's position is...