EUVD-2019-13276

Malware in sbrugna...

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization due to missing authorization checks in the AbuseFilter process. An attacker can access sensitive IP reputation information by sending unauthorized requests to the affected component. Remediation Upgrade...

CVE-2019-3641

Abuse of Authorization vulnerability in APIs exposed by TIE server in McAfee Threat Intelligence Exchange Server TIE Server 3.0.0 allows remote authenticated users to modify stored reputation data via specially crafted messages...

SUSE CVE-2016-1947

Mozilla Firefox 43.x mishandles attempts to connect to the Application Reputation service, which makes it easier for remote attackers to trigger an unintended download by leveraging the absence of reputation data...

CVE-2019-3641

Abuse of Authorization vulnerability in APIs exposed by TIE server in McAfee Threat Intelligence Exchange Server TIE Server 3.0.0 allows remote authenticated users to modify stored reputation data via specially crafted messages...

Webroot BrightCloud SDK HTTP headers-parsing code execution vulnerability

Summary An exploitable buffer overflow vulnerability exists in the HTTP header-parsing function of the Webroot BrightCloud SDK. The function bchttpreadheader incorrectly handles overlong headers, leading to arbitrary code execution. An unauthenticated attacker could impersonate a remote BrightClo...