15 matches found
The Mythos Inflection Point: Dealing With the Upcoming Vulnerability Disclosure Avalanche and Compressed Exploitation Window
Having spent years at Qualys working on vulnerability risk and remediation management, I have watched the disclosure and remediation cycles from every angle. I have seen vulnerability researchers find a critical flaw in OpenSSH and the industry scramble to respond. I have seen organizations...
Lexmark Printer SSRF Vulnerability (CVE-2023-50733)
Multiple Lexmark printer devices are prone to a server-side request forgery SSRF vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Lexmark Printer RCE Vulnerability (CVE-2023-50739)
Multiple Lexmark printer devices are prone to remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPEPREFI...
De-risking Your Organization in Spite of NVD Delays
In the face of recent struggles with the National Vulnerability Database NVD, causing delays in analyzing Common Vulnerabilities and Exposures CVEs since February 12, 2024, a significant number of CVEs lacked essential metadata including severity scores and affected product details. Qualys remain...
Vulnerabilities fixed in QNAP QTS and QTS Hero
QNAP has fixed vulnerabilities in QTS and QTS Hero. A malicious party can exploit the vulnerabilities to bypass security measures, grant himself elevated privileges granted and execute code with administrator privileges and gain access to sensitive data on the vulnerable system. Successful misuse...
Qualcomm 芯片 资源管理错误漏洞
A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc. and is often manufactured on the surface of semiconductor wafers. There is a security vulnerability in Qualcomm chips. No information about thi...
Juniper Networks Junos OS 安全漏洞
Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS. No information about this vulnerability is...
Google Pixel 缓冲区错误漏洞
Google Pixel is a smartphone from the American company Google Google. Google Pixel has a security vulnerability. No information about this vulnerability is available at this time, so stay tuned to CNNVD or the manufacturer's announcement...
Vulnerability fixed in rsyslog
The developers of rsyslog have fixed a vulnerability in rsyslog. A malicious party could exploit the vulnerability to cause a denial-of-service, or to potentially manipulate data manipulate and thus potentially inject false information into the central syslog environment. The developers do not ru...
OMRON Corporation 缓冲区错误漏洞
OMRON Corporation is an industrial control product. A security vulnerability exists in OMRON Corporation, no information about this vulnerability is available at this time, please stay tuned to CNNVD or vendor announcements...
Amnesia:33
Amnesia:33 is a group of 33 vulnerabilities in open-source TCP/IP stack libraries. The vulnerabilities may be present in a wide range of operational technology, IoT, and connected device implementations. Recent assessments: ccondon-r7 at December 08, 2020 9:05pm UTC reported: Sorta relying here o...
Google Android Buffer Error Vulnerability
Google Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA. Google Android Pixel has a security vulnerability, there is currently no information about this vulnerability, please stay tuned to CNNVD or the manufacturer's announcement...
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of April 30, 2018
When I was little, I discovered the joy of jumping on the bed. While it was fun to jump on the bed, I wanted to make it more challenging so I started to imitate the ski jumpers I had seen during the 1976 Winter Olympics and jump from my parents’ dresser to the bed. I quickly found out there’s a...
SAP NetWeaver AS Java Information Disclosure Vulnerability (2255990) - Active Check
SAP NetWeaver Application Server AS Java is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
RealPlayer PNG Deflate Algorithm Heap Corruption Arbitrary Code Execution
According to its build number, the installed version of RealPlayer / RealOne Player / RealPlayer Enterprise for Windows has a flaw in the remote version that may allow an attacker to execute arbitrary code on the remote host, with the privileges of the user running RealPlayer. To do so, an attack...