PT-2019-13013 · Gnu +2 · Libgcrypt +2

Name of the Vulnerable Software and Affected Versions: Libgcrypt version 1.8.4 Description: The C implementation of AES in Libgcrypt is susceptible to a flush-and-reload side-channel attack. This occurs because physical addresses are accessible to other processes, and the C implementation is used...

Important: Red Hat Security Advisory: systemd security and bug fix update

An update for systemd is now available for Red Hat Enterprise Linux 7.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities

According to its self-reported version, Cisco FXOS Software and Cisco NX-OS Software are affected by multiple vulnerabilities which could allow an unauthenticated, remote attacker to cause a denial of service attack DoS. The vulnerabilities are due to the improper parsing of LDAP packets by an...

CVE-2019-1814

A vulnerability in the interactions between the DHCP and TFTP features for Cisco Small Business 300 Series Sx300 Managed Switches could allow an unauthenticated, remote attacker to cause the device to become low on system memory, which in turn could lead to an unexpected reload of the device and...

Cisco Small Business 300 Series Managed Switches DHCP Denial of Service Vulnerability

A vulnerability in the interactions between the DHCP and TFTP features for Cisco Small Business 300 Series Sx300 Managed Switches could allow an unauthenticated, remote attacker to cause the device to become low on system memory, which in turn could lead to an unexpected reload of the device and...

CVE-2019-11323

HAProxy before 1.9.7 is vulnerable due to mishandling a reload with rotated keys, triggering the use of uninitialized, highly predictable HMAC keys in ssl_sock.h. This can lead to disclosure of HMAC keys. Public exploit details are not provided in the documents. The IBM Aspera IBM pages note fixe...

CVE-2019-11323

HAProxy before 1.9.7 mishandles a reload with rotated keys, which triggers use of uninitialized, and very predictable, HMAC keys. This is related to an include/types/sslsock.h error...

Rockwell Automation Stratix Ethernet Switches < 15.3 IOS DHCP Reload

Binary data 720228.prm...

CVE-2019-1706

A vulnerability in the software cryptography module of the Cisco Adaptive Security Virtual Appliance ASAv and Firepower 2100 Series running Cisco Adaptive Security Appliance ASA Software could allow an unauthenticated, remote attacker to cause an unexpected reload of the device that results in a...

CVE-2019-1708

A vulnerability in the Internet Key Exchange Version 2 Mobility and Multihoming Protocol MOBIKE feature for the Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an...

CVE-2019-1694

A vulnerability in the TCP processing engine of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability i...

Race condition

A vulnerability in the TCP processing engine of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability i...

CVE-2019-1693

A vulnerability in the WebVPN service of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper management o...

CVE-2019-1694 Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software TCP Timer Handling Denial of Service Vulnerability

A vulnerability in the TCP processing engine of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability i...

Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software TCP Timer Handling Denial of Service Vulnerability

A vulnerability in the TCP processing engine of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability i...

PT-2019-2047 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the WebVPN service could allow an authenticated, remote...

PT-2019-2041 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the Internet Key Exchange Version 2 Mobility and...

PT-2019-2054 · Cisco · Cisco Asa +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance versions affected versions not specified Cisco Firepower 2100 Series running Cisco Adaptive Security Appliance ASA Software versions affected versions not specified Description: The issue is related to a logi...

CVE-2019-9807

When arbitrary text is sent over an FTP connection and a page reload is initiated, it is possible to create a modal alert message with this text as the content. This could potentially be used for social engineering attacks. This vulnerability affects Firefox 66...

CVE-2019-9807

When arbitrary text is sent over an FTP connection and a page reload is initiated, it is possible to create a modal alert message with this text as the content. This could potentially be used for social engineering attacks. This vulnerability affects Firefox 66...