3971 matches found
Mozilla: Type Confusion in XPCVariant.cpp
Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR 68.4 and Firefox 72...
RancherOS < 1.4.1 Multiple Information Disclosure Vulnerabilities
The remote host is running a version of RancherOS prior to v1.4.1, hence is exposed to multiple side-channel vulnerabilities: - Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to a...
CVE-2019-13943
A vulnerability has been identified in EN100 Ethernet module DNP3 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module IEC104 variant All versions, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO variant A...
CVE-2019-13944
A vulnerability has been identified in EN100 Ethernet module DNP3 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module IEC104 variant All versions, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO variant A...
Code injection
A vulnerability has been identified in EN100 Ethernet module DNP3 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module IEC104 variant All versions, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO variant A...
CVE-2019-13943
CVE-2019-13943 affects Siemens EN100 Ethernet Module variants (DNP3, IEC61850
PT-2019-13484 · Moxa · En100 Ethernet Module Modbus Tcp Variant +4
Name of the Vulnerable Software and Affected Versions: EN100 Ethernet module DNP3 variant All versions EN100 Ethernet module IEC 61850 variant All versions V4.37 EN100 Ethernet module IEC104 variant All versions EN100 Ethernet module Modbus TCP variant All versions EN100 Ethernet module PROFINET ...
SYS.2.2.2.A1
Ziel des Bausteins SYS.2.2.2 ist der Schutz von Informationen, die durch und auf Windows 8.1-Clients verarbeiten werden. Die Basis-Anforderung Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
‘Highly Competitive' Buer Loader Emerges in Underground Markets
A previously undocumented modular loader has emerged as a lucrative tool for cybercriminals in a variety of campaigns. Researchers say the “highly competitive” loader, dubbed Buer, is intended for use by actors seeking a turn-key, off-the-shelf solution. Researchers say they have spotted the load...
glibc security update
2.28-72.0.1 - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag - add an ASIMD variant of strlen for falkor - Orabug: 2700101. - Modify glibc-ora28849085.patch so it works with RHCK kernels. - Orabug: 28849085. - Make IOfunlockfile match funlockfile and...
OPENSUSE-SU-2019:2477-1 Recommended update for bcm20702a1-firmware
This update for bcm20702a1-firmware fixes the following issues: Changes in bcm20702a1-firmware: - Use https to fetch the archive to avoid person-in-the-middle attacks boo1154083 - Fetch & install another variant firmware 0a5c:21e8 boo1087996...
Recommended update for bcm20702a1-firmware (moderate)
openSUSE Security Update: Recommended update for bcm20702a1-firmware Announcement ID: openSUSE-SU-2019:2477-1 Rating: moderate References: 1087996 1154083 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 An update that contains security fixes can now be installed. Description: This update...
Siemens Siprotec Unspecified Vulnerability
A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module All versions V4.35, Firmware variant MODBUS TCP for EN100 Ethernet module All versions, Firmware variant DNP3 TCP for EN100 Ethernet module All versions, Firmware variant IEC104 for EN100 Ethernet module A...
Siemens Dnp3 Improper Input Validation
A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module All versions V4.33, Firmware variant PROFINET IO for EN100 Ethernet module All versions, Firmware variant Modbus TCP for EN100 Ethernet module All versions, Firmware variant DNP3 TCP for EN100 Ethernet...
Valve Source Engine, Fortnite Servers Crippled By Gafgyt Variant
A new Gafgyt variant is adding vulnerable internet of things IoT devices to its botnet arsenal and using them to cripple gaming servers worldwide. The newly-discovered variant is capable of launching a variety of denial-of-service DoS attacks against the Valve Source Engine, a video game engine...
Security Bulletin: IBM Netezza Host Management is affected by the vulnerability known as Variant 4 or SpectreNG.
Summary Open Source Kernel is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2018-3639 DESCRIPTION: Multiple Intel CPUs could allow a local attacker to obtain sensitive information, caused by utilizing sequences ...
A week in security (August 26 – September 1)
Last week on Malwarebytes Labs, we analysed the Android xHelper trojan, we wondered why the Nextdoor app would send out letters on behalf of their customers, reported about a study that explores the clickjacking problem across top Alexa-ranked websites, wondered how to get the board to invest in...
CVE-2019-1125
An information disclosure vulnerability exists when certain central processing units CPU speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would have to log on to an...
DEBIAN-CVE-2019-1125
An information disclosure vulnerability exists when certain central processing units CPU speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would have to log on to an...
CVE-2019-1125
An information disclosure vulnerability exists when certain central processing units CPU speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would have to log on to an...