KLA11311 Multiple DoS vulnerabilities in Wireshark

Multiple serious vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. An unspecified vulnerability in the Bluetooth AVDTP dissector can be exploited remotely via malformed packet trac...

Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Denial Of Service

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Service Control DoS Vendor: Microhard Systems Inc. Product web page: http://www.microhardcorp.com Affected version: IPn4G 1.1.0 build 1098 IPn3Gb 2.2.0 build 2160 IPn4Gb 1.1.6 build 1184-14 IPn4Gb 1.1.0 Rev 2 build 1090-2 IPn4Gb 1.1.0 R...

The vulnerability of the Qualcomm Modem component in the Android operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Qualcomm Modem component in the Android operating system is related to buffer overflows during IMS calls. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the JavaScript script handler ChakraCore in browsers Internet Explorer and Microsoft Edge allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of ChakraCore JavaScript handlers in browsers Internet Explorer and Microsoft Edge is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

Security Bulletin: Multiple vulnerabilities in IBM QRadar SIEM (CVE-2014-0838, CVE-2014-0835, CVE-2014-0836, CVE-2014-0837)

Summary Multiple vulnerabilities exist in the AutoUpdate settings page and the AutoUpdate process within the IBM QRadar SIEM that when used together could result in remote code execution. Vulnerability Details VULNERABILITY DETAILS: CVE ID: CVE-2014-0838 DESCRIPTION: A flaw in the IBM QRadar...

Security Bulletin: IBM Informix Server CPU utilization (CVE-2014-0963)

Summary Informix Server is affected by a problem related to the SSL implementation which, under very specific conditions, can cause CPU utilization to rapidly increase. Vulnerability Details CVE ID: CVE-2014-0963 DESCRIPTION: Informix Server is affected by a problem with the handling of certain S...

Security Bulletin: IBM SPSS Modeler CPU utilization (CVE-2014-0963)

Summary IBM SPSS Modeler is affected by a problem related to the SSL implementation which, under very specific conditions, can cause CPU utilization to rapidly increase. Vulnerability Details CVE ID: CVE-2014-0963 DESCRIPTION: IBM SPSS Modeler Server is affected by a problem with the handling of...

Security Bulletin: IBM WebSphere DataPower XC10 is vulnerable to a buffer overflow in the Command Line Interface (CLI) that may affect system availability. (CVE-2016-2870)

Summary IBM WebSphere DataPower XC10 is vulnerable to a buffer overflow in the Command Line Interface CLI that may affect system availability. Vulnerability Details CVEID: CVE-2016-2870 DESCRIPTION: IBM WebSphere DataPower XC10 is vulnerable to a buffer overflow in the Command Line Interface CLI...

KLA11259 DoS vulnerability in Mozilla Firefox and Firefox ESR

A heap buffer overflow vulnerability was found in the Skia library. By exploiting this vulnerability malicious users can cause denial of service via specially crafted SVG file with anti-aliasing turned off. Original advisories Mozilla Foundation Security Advisory 2018-14 Exploitation Public...

The vulnerability of the mechanism for handling errors during the establishment of SSL connections for Qualcomm’s Android operating system allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the error handling mechanism for establishing SSL connections in Qualcomm’s Android operating system is related to improper error handling of errors returned by the RNG function. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality,...

The vulnerability of the Qualcomm XBL Android operating system’s loader allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Qualcomm XBL Android operating system’s loader is related to authentication errors during the loading of device configuration. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information...

AutoTTP - Automated Tactics Techniques & Procedures

Automated Tactics Techniques & Procedures. Re-running complex sequences manually for regression tests, product evaluations, generate data for researchers & so on can be tedious. I toyed with the idea of making it easier to script Empire or any frameworks/products/toolkits that provide APIs like...

CVE-2018-1109

A vulnerability was found in nodejs-braces. Affected versions of this package are vulnerable to Regular expression Denial of Service ReDoS attacks. The highest threat from this vulnerability is system availability...

KLA11228 A use-after-free vulnerability in Mozilla Firefox and Firefox ESR

A use-after-free vulnerability was found in Mozilla Firefox. By exploiting this vulnerability malicious users can cause denial of service. Original advisories Mozilla Foundation Security Advisory 2018-10 Related products Mozilla-Firefox Mozilla-Firefox-ESR CVE list CVE-2018-5148 critical Solution...

Unspecified Vulnerability in Oracle Hyperion Planning Component

Oracle Hyperion is the United States Oracle Oracle company's set of financial modeling applications, it provides financial closure, report production and other functions.Oracle Hyperion Planning is one of the planning task component. A security vulnerability exists in the Security subcomponent of...

Unspecified Vulnerability in Oracle Hospitality Simphony (CNVD-2018-02252)

Oracle Hospitality Simphony provides a modern user experience that delivers relevant information to guests through smooth, real-time tiled presentations. An unspecified vulnerability exists in the Security component of Oracle Hospitality Simphony. An attacker could exploit this vulnerability to...

Unspecified Vulnerability in Oracle Java SE (CNVD-2018-02255)

Oracle Java SE is the United States Oracle Oracle company's set of standard version of the Java platform for the development and deployment of desktop, server, and embedded devices and real-time environments in the Java application. A security vulnerability exists in the Deployment subcomponent o...

KLA11176 Multiple DoS vulnerabilities in Wireshark

Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. A recursion depth error in epan/tvbparse.c can be exploited remotely via a malformed packet to cause denial ...

KLA11151 Denial of service vulnerabilities in Wireshark

Multiple vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities remotely to cause a denial of service via injecting a malformed packet. Technical details This vulnerabilities related to next services: 1. NetBIOS dissector; 2. IWARPMPA dissector; 3. CIP...

Unspecified Vulnerability in Oracle Fusion Middleware Oracle Identity Manager Component (CNVD-2017-35618)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platform for enterprise and cloud environments from Oracle. The platform provides middleware, software collections, and other functionality.Oracle Identity Manager is one of the enterprise identity management system...