Lazy FP State Restore - Lenovo Support US

No description provided...

CVE-2018-15443 Cisco Firepower Detection Engine TCP Intrusion Prevention System Rule Bypass Vulnerability

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured Intrusion Prevention System IPS rule that inspects certain types of TCP traffic. The vulnerability is due to incorrect TCP retransmission handling. An...

CVE-2018-15443

Cisco Firepower System Software contains a TCP-traffic handling vulnerability in the detection engine that can let an unauthenticated, remote attacker bypass IPS rules inspecting certain TCP traffic. The flaw arises from incorrect TCP retransmission handling and can be exploited by sending a craf...

CVE-2018-0453

Cisco Firepower Management Center and Firepower System Software (FTD sensors) are affected by CVE-2018-0453. The issue stems from insufficient validation of CLI commands sent via the Sourcefire tunnel control channel, allowing an authenticated, local attacker with root privileges on at least one ...

CVE-2018-0455

The CVE-2018-0455 issue affects Cisco Firepower System Software (Detection Engine) with SMBv2/v3 header validation errors that allow unauthenticated remote exploitation to exhaust system memory and disrupt SNORT, potentially blocking traffic forwarding. Affected component: SMB processing in Cisco...

CVE-2018-0453 Cisco Firepower Management Center and Firepower System Software Sourcefire Tunnel Control Channel Command Execution Vulnerability

A vulnerability in the Sourcefire tunnel control channel protocol in Cisco Firepower System Software running on Cisco Firepower Threat Defense FTD sensors could allow an authenticated, local attacker to execute specific CLI commands with root privileges on the Cisco Firepower Management Center FM...

CVE-2018-16671

An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is system software information disclosure due to lack of authentication for /html/device-id...

Information disclosure

An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is system software information disclosure due to lack of authentication for /html/device-id...

Linux Kernel CVE-2018-5391 Remote Denial of Service Vulnerability

Description Linux Kernel is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Arista Extendible Operating System EOS 4.20.0F Arista Extendible Operating System EOS 4.20.1F Arista Extendible Operating...

CVE-2018-5383

Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key...

CVE-2018-3000

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications subcomponent: SPMS Suite. The supported version that is affected is 8.x. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructu...

Design/Logic Flaw

A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the transfer of files to an affected system via FTP. The vulnerability exists because the affected software incorrectly...

CVE-2018-0370

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause one of the detection engine processes to run out of memory and thus slow down traffic processing. The vulnerability is due to improper handling of traffic when the...

CVE-2018-0384

A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system. The vulnerability exists because the affected software incorrectly...

CVE-2018-0384

A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system. The vulnerability exists because the affected software incorrectly...

CVE-2018-0370

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause one of the detection engine processes to run out of memory and thus slow down traffic processing. The vulnerability is due to improper handling of traffic when the...

CVE-2018-0385

CVE-2018-0385 affects Cisco Firepower System Software: the detection engine’s SSL packet parsing can be mishandled, allowing an unauthenticated remote attacker to cause a DoS via Snort process restart. The issue stems from improper input handling of SSL traffic, with exploitation by sending craft...

CVE-2018-0383

Cisco FireSIGHT System Software has CVE-2018-0383 in its detection engine, permitting an unauthenticated, remote FTP connection to bypass a file policy (Block upload with reset) by exploiting improper handling of FTP control connections. Affected: FireSIGHT/FMS software; vulnerability detailed in...

CVE-2018-0370

Cisco Firepower System Software contains a denial-of-service vulnerability in the detection engine when SSL inspection is enabled. An unauthenticated remote attacker can send crafted traffic to cause a single Snort detection engine process to consume excessive memory, degrading traffic processing...

CVE-2018-0385

A vulnerability in the detection engine parsing of Security Socket Layer SSL protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition due to the Snort process unexpectedly restarting. The vulnerability is due t...