7644 matches found
A vulnerability in the firmware of Cisco IP Phone 8800 and 7800 series, related to insufficient checking of Session Initiation Protocol (SIP) packets, allows attackers to cause a denial of service.
A vulnerability in the firmware of Cisco IP Phone 8800 and 7800 series is related to insufficient checking of incoming Session Initiation Protocol (SIP) packets. Exploiting this vulnerability can allow a malicious actor to cause a denial of service...
ALPINE-CVE-2019-12529
An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the input and checki...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4710)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4710 advisory. - fork: record starttime late David Herrmann Orabug: 29850581 CVE-2019-6133 - x86/retpoline/ia32entry: Convert to non-speculative calls Ankur Arora...
CVE-2019-12804
In Hunesion i-oneNet versions 3.0.7 through 3.0.53 and 4.0.4 through 4.0.16, due to the lack of update file integrity checking in the upgrade process, an attacker can craft a malicious file and use it as an update...
Design/Logic Flaw
In Hunesion i-oneNet versions 3.0.7 through 3.0.53 and 4.0.4 through 4.0.16, due to the lack of update file integrity checking in the upgrade process, an attacker can craft a malicious file and use it as an update...
CVE-2019-12804
CVE-2019-12804 affects Hunesion i-oneNet versions 3.0.7–3.0.53 and 4.0.4–4.0.16. The root cause is missing update-file integrity checking during the upgrade process, enabling an attacker to craft a malicious file and present it as an update. This can compromise the integrity of updates and potent...
Information Disclosure
Microsoft Chakracore is vulnerable to information disclosure. Lack of bounds checking allows an attacker to corrupt memory and obtain confidential information about the user's application...
CVE-2019-4087
IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents are vulnerable to a stack-based buffer overflow, caused by improper bounds checking by servers and storage agents in response to specifically crafted communication exchanges. By sending an overly long request, a remote attacker could...
Stack overflow
IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents are vulnerable to a stack-based buffer overflow, caused by improper bounds checking by servers and storage agents in response to specifically crafted communication exchanges. By sending an overly long request, a remote attacker could...
CVE-2019-4087
IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents are vulnerable to a stack-based buffer overflow, caused by improper bounds checking by servers and storage agents in response to specifically crafted communication exchanges. By sending an overly long request, a remote attacker could...
HP Printers RCE Vulnerability (HPSBPI03596)
Multiple HP printers are prone to a remote code execution (RCE) vulnerability in the solution application signature checking.
A vulnerability in the __GI_getenv function in oggz, the Ogg file editing and checking software, allows an attacker to cause a denial of service.
A vulnerability in the __GI_getenv function (name=0x7ffff7b94ac7 “TH”, name@entry=0x7ffff7b94ac5 “PATH”) in the Ogg file editing and checking tool from the oggz-tools package is a buffer overflow. Exploiting this vulnerability can allow an attacker to cause a denial of service...
About the security content of iCloud for Windows 7.11 - Apple Support
About Apple security updates: For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...
About the security content of iTunes 12.9.4 for Windows - Apple Support
About Apple security updates: For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...
bro -- Null pointer dereference and Signed integer overflow
Jon Siwek of Corelight reports: This is a security patch release to address potential Denial of Service vulnerabilities: Null pointer dereference in the RPC analysis code. RPC analyzers (e.g. MOUNT or NFS) are not enabled in the default configuration. Signed integer overflow in BinPAC-generated...
CVE-2019-1630
A vulnerability in the firmware signature checking program of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient checking of an input buffer. A...
CVE-2019-1630 Cisco Integrated Management Controller Denial of Service Vulnerability
A vulnerability in the firmware signature checking program of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient checking of an input buffer. A...
CVE-2019-1630
Cisco CVE-2019-1630 is a denial-of-service vulnerability in the firmware signature checking program of Cisco Integrated Management Controller (IMC). A local, authenticated attacker can trigger a buffer overflow by supplying a crafted file, potentially inhibiting an administrator’s access to the s...
Cisco Integrated Management Controller Denial of Service Vulnerability
A vulnerability in the firmware signature checking program of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient checking of an input buffer. A...
A vulnerability in the command-line interface of the NX-OS and FX-OS network operating systems allows attackers to escalate their privileges and execute arbitrary commands.
A vulnerability in the command-line interface of the NX-OS and FX-OS network operating systems is related to insufficient checking of arguments passed to certain CLI commands. Exploiting this vulnerability can allow an attacker to escalate their privileges and execute arbitrary commands...