CVE-2018-0467 Cisco IOS and IOS XE Software IPv6 Hop-by-Hop Options Denial of Service Vulnerability

A vulnerability in the IPv6 processing code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect handling of specific IPv6 hop-by-hop options. An attacker could exploit this vulnerability by sending a...

Cisco IOS and IOS XE Software IPv6 Hop-by-Hop Options Denial of Service Vulnerability

Cisco IOS Software and IOS XE Software are both operating systems developed by Cisco for its network devices. A denial of service vulnerability exists in the IPv6 processing code in Cisco IOS Software and IOS XE Software. A remote attacker could exploit this vulnerability by sending malicious Pv6...

Cisco IOS XE Software NAT SIP ALG Denial of Service Vulnerability

Cisco IOS XE Software is an operating system developed by Cisco for its network devices.Network Address Translation NAT Session Initiation Protocol SP Application Layer Gateway ALG is one of the gateway components. Network Address Translation NAT Session Initiation Protocol SP Application Layer...

Fedora 27 : mozilla-noscript (2018-09c51bbcec)

Changes since 10.1.8.16: === v 10.1.9.6 ============================================================= - TB Gracefully handle legacy external message recipients - XSS Updated known HTML5 events - Better IPV6 support - UI support for protocol-only entries v 10.1.9.5...

Cisco IOS and IOS XE Denial of Service Vulnerability (CNVD-2018-20235)

Cisco IOS Software and IOS XE Software are both operating systems developed by Cisco for its network devices. A denial of service vulnerability exists in the Open Shortest Path First version 3 OSPFv3 implementation in Cisco IOS Software and IOS XE Software. An attacker in close physical proximity...

Cisco IOS and IOS XE Software Plug and Play Agent Memory Leak Vulnerability

A vulnerability in the Cisco Network Plug and Play agent, also referred to as the Cisco Open Plug-n-Play agent, of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. The vulnerability is due to insufficient...

Cisco IOS and IOS XE Software TACACS+ Client Denial of Service Vulnerability

A vulnerability in the TACACS+ client subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability is due to improper handling of crafted TACACS+...

Cisco IOS and IOS XE Software OSPFv3 Denial of Service Vulnerability

A vulnerability in the Open Shortest Path First version 3 OSPFv3 implementation in Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. The vulnerability is due to incorrect handling of specific OSPFv3 packets. An attacker could...

Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability

A vulnerability in the implementation of the cluster feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service DoS condition on an affected device. The vulnerability is due to improper input validation when handling...

Security Bulletin: OpenSSL vulnerability in current release of the IBM® SDK for Node.js™

Summary OpenSSL ECDSA FLUSH+RELOAD cache side-channel attack Vulnerability Details CVE ID: CVE-2014-0076 DESCRIPTION: OpenSSL could allow a local attacker to obtain sensitive information, caused by an implementation error in ECDSA Elliptic Curve Digital Signature Algorithm. An attacker could...

chromium-browser: URL spoof in Omnibox

Incorrect handling of reloads in Navigation in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

CVE-2018-0346

A vulnerability in the Zero Touch Provisioning service of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to incorrect bounds checks for certain values in packets that are sent to...

CVE-2018-0369

CVE-2018-0369 is a Cisco StarOS DoS vulnerability in the IPv4 fragment reassembly logic. An unauthenticated, remote attacker can trigger a reload of the npusim process by sending malformed fragmented IPv4 packets with options, causing all four npusim instances to restart and drop queued traffic d...

Cisco Nexus 4000 Series Switch NX-OS Input Validation Vulnerability

The Cisco Nexus 4000 Series Switch is a 4000 series switch product from Cisco USA.NX-OS is a set of data center-grade operating system software used by the switches running in it. An input validation vulnerability exists in the Simple Network Management Protocol SNMP feature of NX-OS on the Cisco...

Design/Logic Flaw

A vulnerability in the Simple Network Management Protocol SNMP feature of Cisco NX-OS on the Cisco Nexus 4000 Series Switch could allow an authenticated, remote attacker to cause the device to unexpectedly reload, resulting in a denial of service DoS condition. The vulnerability is due to...

CVE-2018-0298

A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to incorrect input validation in the web UI. An attacker could exploit this vulnerabili...

CVE-2018-0295

A vulnerability in the Border Gateway Protocol BGP implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition due to the device unexpectedly reloading. The vulnerability is due to incomplete input validation of the BGP update...

CVE-2018-0292

A vulnerability in the Internet Group Management Protocol IGMP Snooping feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in...

Cisco NX-OS Software Border Gateway Protocol Denial of Service Vulnerability

A vulnerability in the Border Gateway Protocol BGP implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition due to the device unexpectedly reloading. The vulnerability is due to incomplete input validation of the BGP update...

Security Bulletin: IBM Security Proventia Network Active Bypass is affected by vulnerabilities in OpenSSL (CVE-2014-0160 and CVE-2014-0076)

Summary Security vulnerabilities have been discovered in OpenSSL. Vulnerability Details CVE-ID: CVE-2014-0160 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the TLS/DTLS heartbeat functionality. An attacker could exploit this vulnerabilit...