CVE-2018-0473

A vulnerability in the Precision Time Protocol PTP subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets. An attacker could explo...

Design/Logic Flaw

A vulnerability in the Precision Time Protocol PTP subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets. An attacker could explo...

CVE-2018-0473 Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability

A vulnerability in the Precision Time Protocol PTP subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets. An attacker could explo...

[SECURITY] Fedora 27 Update: ntp-4.2.8p12-1.fc27

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts are in the ntp-perl package, ntpdate is in...

Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability

A vulnerability in the Precision Time Protocol PTP subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets. An attacker could explo...

Cloudflare Embraces Google Roughtime, Giving Internet Security a Boost

Syncing clocks online is vital to web security...

[SECURITY] Fedora 29 Update: nspr-4.20.0-1.fc29

NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management malloc and free and shared library linking...

Error : "An error occurred while building your environment...". Synchronization State of WEM Agents Has a Red "X"

After upgrading WEM from 4.2 to 4.4, WEM agents are failing to connect to the WEM server with the following error: "An error occurred while building your environment. Agent processing will now stop. Please contact your Administrator." Issue only occurs when connections are going through Load...

CVE-2018-11827

In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, improper validation of array index in WMA roam synchronization handler can lead to OOB write...

Citrix Policy - Does applying same policies on different priorities append the policy settings?

Question : Citrix Policy - Does applying same policies on different priorities append the policy settings? Answer : No, applying same policy however different settings in them will not append it, however, it will replace the policy altogether. An example: We have defined the following policy twic...

zzcms 8.3 arbitrary file deletion vulnerability deep thinking-vulnerability warning-the black bar safety net

In the analysis of the already existing cve in the process, discovered zzcms 8.3 comparison of the previous version of the function improved, so by the follow-up look, there is no problem, and sure enough found the problem. CMS for file storage implementation Because I myself have done similar cm...

Veeam Availability Orchestrator stops collecting vCenter asset information

Challenge There is an issue with the embedded Veeam ONE component of Veeam Availability Orchestrator 1.0 release. The issue results in Veeam ONE not recognizing new VMware vCenter assets approximately 90 days after installation. Cause There is a synchronization issue between Veeam ONE Monitor and...

The vulnerability of the IOFireWireAVC component of the Mac OS X operating system allows a hacker to execute arbitrary code with kernel privileges.

The vulnerability of the IOFireWireAVC component in the Mac OS X operating system is related to synchronization errors when using a shared resource “Race Condition”. Exploiting this vulnerability allows an attacker to execute arbitrary code with kernel privileges through a specially created...

Yosoro Cross-Site Scripting Vulnerability

Yosoro is a desktop application for synchronizing the contents of your hard drive in the cloud. A cross-site scripting vulnerability exists in Yosoro version 1.0.4. A remote attacker can exploit this vulnerability to execute arbitrary code...

Kernel security update: Virtuozzo ReadyKernel patch 54.0 for Virtuozzo 7.0.7 HF2 and 7.0.7 HF3

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo 7.0 kernels 3.10.0-693.21.1.vz7.46.7 7.0.7 HF2 and 3.10.0-693.21.1.vz7.48.2 7.0.7 HF3. Vulnerability id: CVE-2018-1120 By mmaping a FUSE-backed file onto a process's memory...

[SECURITY] Fedora 27 Update: git-annex-6.20180626-1.fc27

Git-annex allows managing files with git, without checking the file contents into git. While that may seem paradoxical, it is useful when dealing with f iles larger than git can currently easily handle, whether due to limitations in memory, time, or disk space. It can store large files in many...

CVE-2018-4851

A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to the device could cause a Denial-of-Service condition by sending certain packets to the device, causing potential reboots of the device. The core functionality of th...

Design/Logic Flaw

A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to the device could cause a Denial-of-Service condition by sending certain packets to the device, causing potential reboots of the device. The core functionality of th...

CVE-2018-4851

A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to the device could cause a Denial-of-Service condition by sending certain packets to the device, causing potential reboots of the device. The core functionality of th...

CVE-2018-4851

The CVE-2018-4851 issue affects Siemens SICLOCK TC100 and TC400 (all versions). An attacker with network access can trigger a Denial-of-Service by sending specific packets, potentially rebooting the device and impacting core functionality. Time-serving resumes after time synchronization with GPS ...