287 matches found
GSD-2022-1000816 CDC-NCM: avoid overflow in sanity checking
CDC-NCM: avoid overflow in sanity checking This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.26 by commit...
PT-2022-7498 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the CDC-NCM component in the Linux kernel, where a broken device may provide an extreme offset and a reasonable length for a fragment, causing an integer overfl...
PT-2021-8073 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.16.0-rc4+ Description: A crash occurs in the Linux kernel when the smc cdc tx handler function tries to access smc sock but smc release has already freed it. This happens due to a race condition between smc cd...
Omicron Phishing Scam Already Spotted in UK
The global pandemic has provided cover for all sorts of phishing scams over the past couple of years, and the rise in alarm over the spread of the latest COVID-19 variant, Omicron, is no exception. As public health professionals across the globe grapple with what they fear could be an even more...
CISA’s Top 30 Bugs: One’s Old Enough to Buy Beer
In a perfect world, CISA would laminate cards with the year’s top 30 vulnerabilities: You could whip it out and ask a business if they’ve bandaged these specific wounds before you hand over your cash. This is not a perfect world. There are no laminated vulnerability cards. But at least we have th...
@0xgg/echomd (>=1.0.0 <=1.0.4), @budibase/client (>=3.8.2 <=3.24.3) +117 more potentially affected by CVE-2020-7690 via jspdf (>=1.0.272 <=1.5.2)
jspdf NPM version =1.0.272, =1.0.0, =3.8.2, =0.0.3, =1.0.0, =2.6.4, =1.54.0, =0.2.1, =1.1.4, =0.0.0-dev.0ebca38, =1.0.0, =0.0.98, =1.15.0-alpha.1, =1.18.11 and more Source cves: CVE-2020-7690 Source advisory: OSV:GHSA-VH59-V9R5-4MH4...
COVID-19 Vaccine Spear-Phishing Attacks Jump 26 Percent
As Moderna, Pfizer and Johnson & Johnson roll out COVID-19 vaccines cybercriminals are preying on the those hungry to get in line for immunization. Between October and January the average number of COVID-19 vaccine-related spear-phishing attacks grew 26 percent, said Barracuda Networks researcher...
Key layers for developing a Smarter SOC with CyberProof-managed Microsoft Azure security services
This blog post is part of the Microsoft Intelligent Security Association MISA guest blog series. Learn more about MISA here. Security teams are struggling to reduce the time to detect and respond to threats due to the complexity and volume of alerts being generated from multiple security...
KB3137745 - Cumulative update package 11 for SQL Server 2012 SP2
KB3137745 - Cumulative update package 11 for SQL Server 2012 SP2 This article describes cumulative update package 11 Build number: 11.0.5646.0 for Microsoft SQL Server 2012 Service Pack 2 SP2. This update contains fixes that were released after the release of SQL Server 2012 SP2. Notes Cumulative...
KB3137746 - Cumulative update package 2 for SQL Server 2012 SP3
KB3137746 - Cumulative update package 2 for SQL Server 2012 SP3 This article describes cumulative update package 2 Build number: 11.0.6523.0 for Microsoft SQL Server 2012 Service Pack 3 SP3. This update contains fixes that were released after the release of SQL Server 2012 SP3. Notes Cumulative...
KB3152637 - Cumulative Update 12 for SQL Server 2012 SP2
KB3152637 - Cumulative Update 12 for SQL Server 2012 SP2 This article describes cumulative update package 12 Build number: 11.0.5649.0 for Microsoft SQL Server 2012 Service Pack 2 SP2. This update contains fixes that were released after the release of SQL Server 2012 SP2. Notes Cumulative updates...
KB3152635 - Cumulative Update 3 for SQL Server 2012 SP3
KB3152635 - Cumulative Update 3 for SQL Server 2012 SP3 This article describes cumulative update package 3 Build number: 11.0.6537.0 for Microsoft SQL Server 2012 Service Pack 3 SP3. This update contains fixes that were released after the release of SQL Server 2012 SP3. Notes Cumulative updates a...
Spread of Coronavirus-Themed Cyberattacks Persists with New Attacks
As the coronavirus blows up into a worldwide pandemic, threat actors continue to exploit the disease to spread malware. Just this week, cybersecurity professionals identified a bevy of new threats ranging from coronavirus-themed malware attacks, booby-trapped URLs and credential stuffing scams. O...
Spread of Coronavirus-Themed Cyberattacks Persists with New Attacks
As the coronavirus blows up into a worldwide pandemic, threat actors continue to exploit the disease to spread malware. Just this week, cybersecurity professionals identified a bevy of new threats ranging from coronavirus-themed malware attacks, booby-trapped URLs and credential stuffing scams. O...
Battling online coronavirus scams with facts
Panic and confusion about the recent coronavirus outbreak spurred threat actors to launch several malware campaigns across the world, relying on a tried-and-true method to infect people’s machines: fear. Cybercriminals targeted users in Japan with an Emotet campaign that included malicious Word...
The vulnerability in the driver drivers/usb/class/cdc-acm.c of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the drivers/usb/class/cdc-acm.c file of the Linux operating system is related to the use of memory after it has been freed. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2019-19530
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef...
CVE-2019-19530
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef...
DEBIAN-CVE-2019-19530
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef...
UBUNTU-CVE-2019-19530
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef...