Cisco IOS XR BGP Attribute Denial of Service Vulnerability

Cisco IOS XR software is a modular and fully distributed network operating system for service provider networks. A denial of service vulnerability exists in the Border Gateway Protocol BGP feature of Cisco IOS XR. The vulnerability stems from improper handling of BGP update messages that contain...

Cisco IOS XR BGP EVPN Denial of Service Vulnerability (CNVD-2020-04037)

Cisco IOS XR is a fully modular and fully distributed network interconnect operating system. A denial of service vulnerability exists in the implementation of the Border Gateway Protocol BGP Ethernet VPN EVPN feature in Cisco IOS XR 6.6.1 and later. The vulnerability stems from improper handling ...

Cisco IOS XR Denial of Service Vulnerability (CNVD-2020-04053)

Cisco IOS XR is a fully modular and fully distributed network interconnect operating system. A denial of service vulnerability exists in the implementation of the Border Gateway Protocol BGP Ethernet VPN EVPN feature in Cisco IOS XR 6.6.1 and later. The vulnerability stems from improper handling ...

Cisco IOS XR BGP EVPN Denial of Service Vulnerability

Cisco IOS XR is a fully modular and fully distributed network interconnect operating system. A denial of service vulnerability exists in the implementation of the Border Gateway Protocol BGP Ethernet VPN EVPN feature in Cisco IOS XR 6.6.1 and later. The vulnerability stems from improper handling ...

Guangzhou Lianya Network Technology Co., Ltd. UEESHOP exists logic flaws vulnerability Ueeshop exists logic flaws vulnerability

UEESHOP is a domestic self-built website platform focusing on cross-border e-commerce, providing fast self-built website services for cross-border e-commerce retail sellers and foreign trade exporters. Guangzhou Lianya Network Technology Co., Ltd UEESHOP has a logic flaw vulnerability. An attacke...

Huawei GaussDB 100 OLTP: Cross-Border Access Vulnerability (huawei-sa-20191204-01-gauss100)

There is an out-of-bounds read vulnerability in the Advanced Packages feature of the Huawei GaussDB 100 OLTP database. Copyright C 2020 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the...

UEESHOP has a flawed logic vulnerability

UEESHOP is a domestic self-built website platform focusing on cross-border e-commerce, providing fast self-built website services for cross-border e-commerce retail sellers and foreign trade exporters. UEESHOP has a logic flaw vulnerability. Attackers can use the vulnerability to obtain sensitive...

Oracle January 2020 Critical Patch Update Multiple Vulnerabilities

Description Oracle has released advance notification regarding the January 2020 Critical Patch Update CPU to be released on January 14, 2020. The update addresses 333 vulnerabilities affecting the following software: Oracle Database Server, versions 12.2.0.1, 18c, 19c Oracle Communications Design...

DHS Plans to Expand Facial Recognition Border Checks

The Department of Homeland Security plans to extend facial recognition checks to all travelers entering and leaving the U.S. – including previously-exempt U.S. citizens. The proposed ruling, outlined in a recent filing that was first reported this week by TechCrunch, signifies a rapid expansion o...

Federal Court: Suspicionless Search of Traveler Devices by Border Agents Is Unconstitutional

In a win for the privacy of international travelers, a federal court in Boston has ruled that searchers of traveler electronic devices by border agents without suspicion is unconstitutional. The ruling from the U.S. District Court, District of Massachusetts came in a 2017 case, Alasaad v. Nielsen...

The vulnerability of the bgpd daemon in the Quagga software package, which allows a hacker to induce a service failure.

The vulnerability of the bgpd daemon in the Quagga software package is related to errors in processing internal BGP translation tables as strings. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

eIDAS-Node 2.3 Authentication Bypass Exploit

Exploit for multiple platform in category web applications ======================================================================= title: Authentication Bypass product: eIDAS-Node vulnerable version: =v2.3 v2.1 vulnerability 2 fixed version: v2.3.1 CVE number: - impact: critical homepage:...

eIDAS-Node 2.3 Authentication Bypass

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Authentication Bypass product: eIDAS-Node vulnerable version: =v2.3 v2.1 vulnerability 2 fixed version: v2.3.1 CVE number: - impact: critical homepage:...

CVE-2019-12147

The Sangoma Session Border Controller SBC 2.3.23-119 GA web interface is vulnerable to Argument Injection via special characters in the username field. Upon successful exploitation, a remote unauthenticated user can create a local system user with sudo privileges, and use that user to login to th...

CVE-2019-12148

The Sangoma Session Border Controller SBC 2.3.23-119 GA web interface is vulnerable to an authentication bypass via an argument injection vulnerability involving special characters in the username field. Upon successful exploitation, a remote unauthenticated user can login into the device's admin...

CVE-2019-12147

The Sangoma Session Border Controller SBC 2.3.23-119 GA web interface is vulnerable to Argument Injection via special characters in the username field. Upon successful exploitation, a remote unauthenticated user can create a local system user with sudo privileges, and use that user to login to th...

CVE-2019-12148

The Sangoma Session Border Controller SBC 2.3.23-119 GA web interface is vulnerable to an authentication bypass via an argument injection vulnerability involving special characters in the username field. Upon successful exploitation, a remote unauthenticated user can login into the device's admin...

Authentication flaw

The Sangoma Session Border Controller SBC 2.3.23-119 GA web interface is vulnerable to an authentication bypass via an argument injection vulnerability involving special characters in the username field. Upon successful exploitation, a remote unauthenticated user can login into the device's admin...

CVE-2019-12147

The Sangoma Session Border Controller SBC 2.3.23-119 GA web interface is vulnerable to Argument Injection via special characters in the username field. Upon successful exploitation, a remote unauthenticated user can create a local system user with sudo privileges, and use that user to login to th...

CVE-2019-12147

CVE-2019-12147 affects Sangoma SBC 2.3.23-119 GA web interface. The issue is Argument Injection via special characters in the username field, enabling a remote unauthenticated user to create a local privileged user (sudo) and subsequently access the system via web or SSH to compromise the device....