VMware Releases Security Updates for Multiple Products

VMware has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...

Microsoft Windows Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Windows Media Service that allows file creation in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the...

Win32k Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or...

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Cis...

The vulnerability of the Win32k component in Windows operating systems, which allows attackers to increase their privileges

The vulnerability of the Win32k component in Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges and gain full control over the system through a specially create...

Cisco Releases Security Updates for IOS XE SD-WAN Solution Software

Cisco has released security updates to address a vulnerability in IOS XE SD-WAN Solution software. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Cisco...

Juniper Releases Security Updates for Junos OS

Juniper has released security updates to address a vulnerability affecting multiple versions of Junos operating systems. A remote attacker can exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...

CVE-2020-7131

This document describes a security vulnerability in Blade Maintenance Entity, Integrated Maintenance Entity and Maintenance Entity products. All J/H-series NonStop systems have a security vulnerability associated with an open UDP port 17185 on the Maintenance LAN which could result in information...

CVE-2020-7131

This document describes a security vulnerability in Blade Maintenance Entity, Integrated Maintenance Entity and Maintenance Entity products. All J/H-series NonStop systems have a security vulnerability associated with an open UDP port 17185 on the Maintenance LAN which could result in information...

CVE-2020-7131

CVE-2020-7131 affects Blade Maintenance Entity, Integrated Maintenance Entity and Maintenance Entity on J/H-series NonStop systems. The issue arises from an open UDP port 17185 on the Maintenance LAN, enabling information disclosure, DoS, local memory corruption, and potentially full system contr...

kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c

A flaw was found in the Linux kernel’s implementation of dropping sysctl entries. A local attacker who has access to load modules on the system can trigger a condition during module load failure and panic the system...

GDI+ Remote Code Execution Vulnerability

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface GDI handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or dele...

PT-2020-2287 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Internet Explorer affected versions not specified Description: The issue is related to errors in handling objects in memory by the scripting engine in Internet Explorer. Exploitation of this issue can allow a remote attacker to execute...

Mozilla Releases Security Updates for Firefox, Firefox ESR

Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review Mozil...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Integration Bus and WebSphere Message Broker

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7.1.4.10 and IBM® Runtime Environment Java™ Versions 7.0.10.10 and 7.1.4.10 used by IBM Integration Bus and WebSphere Message Broker. These issues were disclosed as part of the IBM Java SDK updates in Jul 201...

Security Bulletin: Multiple vulnerabilities in the IBM SDK, Java Technology Edition affects IBM Performance Management products

Summary Multiple vulnerabilities in the Oracle Java SE and the Java SE Embedded impact the IBM SDK, Java Technology Edition. Vulnerability Details CVEID: CVE-2019-2602 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded Libraries component could...

Vulnerability of Windows operating systems, related to improper handling of hard links, allows attackers to enhance their privileges and gain full control over the system.

The vulnerability of Windows operating systems is related to the incorrect handling of hard links. Exploiting this vulnerability can allow an attacker to enhance their privileges and gain full control over the system through a specially created application...

Google Releases Security Updates for Chrome

Google has released Chrome version 80.0.3987.149 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...

The vulnerability of the Graphics Device Interface (GDI) component in Windows operating systems allows a hacker to gain full control over the system or execute arbitrary code.

The vulnerability of the Graphics Device Interface GDI component in Windows operating systems is related to incorrect handling of objects in memory. Exploiting this vulnerability can allow an attacker to gain full control over the system or execute arbitrary code using a specially created documen...

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition

Summary Java SE issues disclosed in the Oracle January 2020 Critical Patch Update, plus one additional vulnerability. This bulletin does not cover CVE-2020-2601, CVE-2020-2654, and CVE-2020-2590. The fixes for these issue are targeted for future releases and will be covered by additional bulletin...