Cisco RV110W, RV130W, and RV215W Routers Syslog HTTP Access Information Disclosure Vulnerability (cisco-sa-20190619-rv-fileaccess)

According to its self-reported version, the version of the Cisco Small Business Wireless-N VPN Router installed on the remote host is affected by an information disclosure vulnerability. An unauthenticated, remote attacker can exploit this to disclose potentially sensitive information. C Tenable...

HPE Intelligent Management Center (IMC) SyslogTempletSelectWin Expression Language Injection Remote Code Execution Vulnerability

HPE Intelligent Management Center IMC is a comprehensive management platform built from the ground up to support the Failure, Configuration, Accounting, Performance and Security FCAPS model. A SyslogTempletSelectWin expression language injection remote code execution vulnerability exists in HPE...

Security Bulletin: IBM QRadar WinCollect Agent Does Not Verify TLS Syslog Certificate (CVE-2019-4264)

Summary When configured for TLS Syslog the Wincollect agent does not verify the authenticity or accuracy of the server certificate. Even when a certificate is specified within the WinCollect configuration it is ignored, and any certificate presented by the server is blindly accepted while...

CVE-2019-1695

A vulnerability in the detection engine of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device. The vulnerability exists because the software...

CVE-2019-1695

A vulnerability in the detection engine of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device. The vulnerability exists because the software...

CVE-2019-1695 Cisco Adaptive Security Appliance and Firepower Threat Defense Software Layer 2 Filtering Bypass Vulnerability

A vulnerability in the detection engine of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device. The vulnerability exists because the software...

CVE-2019-1695 Cisco Adaptive Security Appliance and Firepower Threat Defense Software Layer 2 Filtering Bypass Vulnerability

A vulnerability in the detection engine of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device. The vulnerability exists because the software...

CVE-2019-1695

The CVE-2019-1695 issue affects Cisco ASA and Cisco FTD, where the detection engine improperly filters Ethernet frames, allowing an unauthenticated, adjacent attacker to bypass Layer 2 filters and send data directly to the kernel via crafted packets to the management interface. This can trigger a...

CVE-2017-18369

The Billion 5200W-T 1.02b.rc5.dt49 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user. The vulnerability is in the advremotelog.asp page and can be exploited through the syslogServerAd...

Denial Of Service (DoS)

Red Hat Enterprise Linux OpenStack Platform provides the facilities for building a private or public infrastructure-as-a-service IaaS cloud running on commonly available physical hardware. This update addresses the following issues: This package rebases mariadb-galera to 5.5.42, fixing an issue...

PT-2019-2088 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the detection engine of Cisco Adaptive Security Applian...

CVE-2015-1343

All versions of unity-scope-gdrive logs search terms to syslog...

Code injection

All versions of unity-scope-gdrive logs search terms to syslog...

CVE-2015-1343

All versions of unity-scope-gdrive logs search terms to syslog...

UBUNTU-CVE-2015-1343

All versions of unity-scope-gdrive logs search terms to syslog...

CVE-2015-1343 unity-scope-gdrive search feature logs search terms to syslog

All versions of unity-scope-gdrive logs search terms to syslog...

CVE-2015-1343

CVE-2015-1343 affects unity-scope-gdrive; all versions log search terms to syslog. The connected documents consistently describe a logging behavior that may expose user search data via syslog, implying potential information disclosure. The provided sources do not include root-cause details, affec...

EulerOS Virtualization 2.5.4 : systemd (EulerOS-SA-2019-1233)

According to the versions of the systemd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in...

openSUSE Security Update : systemd (openSUSE-2019-909)

This update for systemd fixes the following issues : Security issues fixed : - CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. bsc1113632 - CVE-2018-15686: A vulnerability in...

openSUSE Security Update : amavisd-new (openSUSE-2019-297)

This update for amavisd-new fixes the following issues : Security issue fixed : - CVE-2016-1238: Workedaround a perl vulnerability by removing a trailing dot element from @INCbsc987887. Other issues addressed : - update to version 2.11.1 bsc1123389. - amavis-services: bumping up syslog level from...