Mozilla: Use-after-free during docshell reloading (MFSA 2017-16)

A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell. This results in a potentially exploitable crash. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2...

CVE-2017-6655

A vulnerability in the Fibre Channel over Ethernet FCoE protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition when an FCoE-related process unexpectedly reloads. This vulnerability affects Cisco NX-OS Software o...

CVE-2017-6648

A vulnerability in the Session Initiation Protocol SIP of the Cisco TelePresence Codec TC and Collaboration Endpoint CE Software could allow an unauthenticated, remote attacker to cause a TelePresence endpoint to reload unexpectedly, resulting in a denial of service DoS condition. The vulnerabili...

Cisco TelePresence Endpoint Denial of Service Vulnerability

A vulnerability in the Session Initiation Protocol SIP of the Cisco TelePresence Codec TC and Collaboration Endpoint CE Software could allow an unauthenticated, remote attacker to cause a TelePresence endpoint to reload unexpectedly, resulting in a denial of service DoS condition. The vulnerabili...

Input validation

A vulnerability in the ICMP ingress packet processing of Cisco TelePresence Collaboration Endpoint CE Software could allow an unauthenticated, remote attacker to cause the TelePresence endpoint to reload unexpectedly, resulting in a denial of service DoS condition. The vulnerability is due to...

CVE-2016-9256

In F5 BIG-IP 12.1.0 through 12.1.2, permissions enforced by iControl can lag behind the actual permissions assigned to a user if the rolemap is not reloaded between the time the permissions are changed and the time of the user's next request. This is a race condition that occurs rarely in normal...

Mozilla: Origin confusion when reloading isolated data:text/html URL (MFSA 2017-12)

If a page is loaded from an original site through a hyperlink and contains a redirect to a "data:text/html" URL, triggering a reload will run the reloaded "data:text/html" page with its origin set incorrectly. This allows for a cross-site scripting XSS attack. This vulnerability affects Thunderbi...

Cisco TelePresence ICMP Denial of Service Vulnerability

Cisco TelePresence is a Cisco TelePresence solution that creates a unique face-to-face experience for people interacting with places and all aspects of their work life, enabled by a combination of innovative video, audio and interactive components software and hardware over the network. A denial ...

Cisco ASA Software Ipsec Denial of Service Vulnerability

Cisco Adaptive Security Appliance ASA Software is the core operating system for the Cisco ASA family. A denial of service vulnerability exists in Cisco ASA Software Ipsec, which can be exploited by an attacker to send malformed IPsec packets to an affected system. causing the affected device to...

Cisco ASA Software Denial of Service Vulnerability

Cisco Adaptive Security Appliance ASA Software is the core operating system for the Cisco ASA family. A denial of service vulnerability exists in Cisco ASA Software, which can be exploited by a remote attacker to cause a reload of an affected device by sending specially designed parameters...

DEBIAN-CVE-2017-8288

gnome-shell 3.22 through 3.24.1 mishandles extensions that fail to reload, which can lead to leaving extensions enabled in the lock screen. With these extensions, a bystander could launch applications but not interact with them, see information from the extensions e.g., what applications you have...

Cisco Unified Communications Manager SIP UDP Throttling DoS (CSCuz72455)

According to its self-reported version, the Cisco Unified Communications Manager CUCM running on the remote device is affected by a denial of service vulnerability in the Session Initiation Protocol SIP UDP throttling process due to insufficient rate limiting protection. An unauthenticated, remot...

CVE-2017-6609

A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets ...

CVE-2017-3863

Multiple vulnerabilities in the EnergyWise module of Cisco IOS 12.2 and 15.0 through 15.6 and Cisco IOS XE 3.2 through 3.18 could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service DoS condition. These...

CVE-2017-6609

A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets ...

Input validation

A vulnerability in the Internet Key Exchange Version 1 IKEv1 XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. The vulnerability is due to insufficient validation of the IKEv1 XAUTH parameters passed during an IKEv1 negotiation...

Design/Logic Flaw

A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets ...

CVE-2017-6607

A vulnerability in the DNS code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause an affected device to reload or corrupt the information present in the device's local DNS cache. The vulnerability is due to a flaw in handling crafted DNS response messages. An attacker...

CVE-2017-6608

A vulnerability in the Secure Sockets Layer SSL and Transport Layer Security TLS code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of crafted SSL or TLS packets. An attacker could explo...

CVE-2017-6610

A vulnerability in the Internet Key Exchange Version 1 IKEv1 XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. The vulnerability is due to insufficient validation of the IKEv1 XAUTH parameters passed during an IKEv1 negotiation...