KB4499158: Windows Server 2012 May 2019 Security Update (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

The remote Windows host is missing security update 4499158 or cumulative update 4499171. It is, therefore, affected by multiple vulnerabilities : - A new subclass of speculative execution side channel vulnerabilities, known as Microarchitectural Data Sampling, exist in Windows. An attacker who...

KB4499167: Windows 10 Version 1803 and Windows Server Version 1803 May 2019 Security Update (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

The remote Windows host is missing security update 4499167 or 4497398. It is, therefore, affected by multiple vulnerabilities : - A new subclass of speculative execution side channel vulnerabilities, known as Microarchitectural Data Sampling, exist in Windows. An attacker who successfully exploit...

KB4494440: Windows 10 Version 1607 and Windows Server 2016 May 2019 Security Update (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

The remote Windows host is missing security update 4494440. It is, therefore, affected by multiple vulnerabilities : - A new subclass of speculative execution side channel vulnerabilities, known as Microarchitectural Data Sampling, exist in Windows. An attacker who successfully exploited these...

PostgreSQL -- Selectivity estimators bypass row security policies

The PostgreSQL project reports: PostgreSQL maintains statistics for tables by sampling data available in columns; this data is consulted during the query planning process. Prior to this release, a user able to execute SQL queries with permissions to read a given column could craft a leaky operato...

Mitsubishi QD81DL96 Communications Adapter Detection

Binary data 752144.prm...

Important: kernel

Issue Overview: Modern Intel microprocessors implement hardware-level micro-optimizations to improve the performance of writing data back to CPU caches. The write operation is split into STA STore Address and STD STore Data sub-operations. These sub-operations allow the processor to hand-off...

Important: kernel

Issue Overview: - Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12126 - Microarchitectural Fill Buffer Data Sampling MFBDS CVE-2018-12130 - Microarchitectural Load Port Data Sampling MLPDS CVE-2018-12127 - Microarchitectural Data Sampling Uncacheable Memory MDSUM CVE-2019-11091...

PT-2019-2190 · Intel +8 · Intel Microprocessors +12

Name of the Vulnerable Software and Affected Versions: Intel Microprocessors affected versions not specified vCenter Server affected versions not specified ESXi affected versions not specified Workstation affected versions not specified Fusion affected versions not specified Description: The issu...

PT-2019-2188 · Intel +7 · Intel Microprocessors +11

Name of the Vulnerable Software and Affected Versions: Intel microprocessors affected versions not specified vCenter Server affected versions not specified ESXi affected versions not specified Workstation affected versions not specified Fusion affected versions not specified Description: The issu...

PT-2019-2189 · Intel +8 · Intel Microprocessors +12

Name of the Vulnerable Software and Affected Versions: Intel microprocessors affected versions not specified vCenter Server affected versions not specified ESXi affected versions not specified Workstation affected versions not specified Fusion affected versions not specified Huawei VRP affected...

PF_RING - High-Speed Packet Capture, Filtering And Analysis

PFRING™ is a new type of network socket that dramatically improves the packet capture speed, and that’s characterized by the following properties: 1. Available for Linux kernels 2.6.32 and newer. 2. No need to patch the kernel: just load the kernel module. 3. 10 Gbit Hardware Packet Filtering usi...

CVE-2019-0014

On QFX and PTX Series, receipt of a malformed packet for J-Flow sampling might crash the FPC Flexible PIC Concentrator process which causes all interfaces to go down. By continuously sending the offending packet, an attacker can repeatedly crash the FPC process causing a sustained Denial of Servi...

Design/Logic Flaw

On QFX and PTX Series, receipt of a malformed packet for J-Flow sampling might crash the FPC Flexible PIC Concentrator process which causes all interfaces to go down. By continuously sending the offending packet, an attacker can repeatedly crash the FPC process causing a sustained Denial of Servi...

CRS - OWASP ModSecurity Core Rule Set

The OWASP ModSecurity Core Rule Set CRS is a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls. The CRS aims to protect web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. The Core Rule Se...

OPENSUSE-SU-2018:0544-1 Security update for lame

This update for lame fixes the following issues: Lame was updated to version 3.100: Improved detection of MPEG audio data in RIFF WAVE files. sf3545112 Invalid sampling detection New switch --gain , range -20.0 to +12.0, a more convenient way to apply Gain adjustment in decibels, than the use of...

OPENSUSE-SU-2018:0543-1 Security update for lame

This update for lame fixes the following issues: Lame was updated to version 3.100: Improved detection of MPEG audio data in RIFF WAVE files. sf3545112 Invalid sampling detection New switch --gain , range -20.0 to +12.0, a more convenient way to apply Gain adjustment in decibels, than the use of...

openSUSE Security Update : libjpeg-turbo (openSUSE-2017-1218)

This update for libjpeg-turbo to version 1.5.2 fixes the following issues : - CVE-2017-15232: NULL pointer dereference in jdpostct.c and jquant1.c boo1062937 This compatible version update contains the following improvements : - Improved and updated upsampling support and sampling factors - Memor...

sampling-love.com XSS vulnerability

Vulnerable URL: http://www.sampling-love.com/search.php?select=hhartist=13'"3+chairs=head=check&kensaku.x;=52&kensaku.y;=11 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 2894731 V...

Samplicator - Send copies of (UDP) datagrams to multiple receivers, with optional sampling and spoofing

This small program receives UDP datagrams on a given port, and resends those datagrams to a specified set of receivers. In addition, a sampling divisor N may be specified individually for each receiver, which will then only receive one in N of the received packets. INSTALLATION This distribution...

UBUNTU-CVE-2016-9535

tifpredict.h and tifpredict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105, aka "Predictor heap-buffer-overflow."...