1001 matches found
CVE-2020-0601, aka NSACrypt
A spoofing vulnerability exists in the way Windows CryptoAPI Crypt32.dll validates Elliptic Curve Cryptography ECC certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted,...
Moderate: Red Hat Security Advisory: Red Hat Ceph Storage security update
An update is now available for Red Hat Ceph Storage 3.3 that runs on Ubuntu 16.04. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Microsegmentation and Isolation: 2 Essential Strategies in Zero-Trust Security
The headlines over the past few years have been consistent – enterprises are pouring more and more money into cybersecurity countermeasures. Indications are that 2020 will be no different, with reports that nearly three quarters of CISOs plan to ask their CFOs for increased cybersecurity investme...
Sparrow-Wifi - Next-Gen GUI-based WiFi And Bluetooth Analyzer For Linux
Sparrow-wifi has been built from the ground up to be the next generation 2.4 GHz and 5 GHz Wifi spectral awareness tool. At its most basic it provides a more comprehensive GUI-based replacement for tools like inSSIDer and linssid that runs specifically on linux. In its most comprehensive use case...
The vulnerability of the UDF subsystem of the “Red Database” and Firebird database management systems allows attackers to execute arbitrary code.
The vulnerability of the UDF subsystem in the “Red Database” and Firebird database management systems is related to errors during the execution of user-defined functions. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
Software, Supply-Chain Dangers Top List of 5G Cyber Risks
The proliferation of software within 5G networks is one of the top security challenges facing the next generation of mobile networks, according to a report out this week from the European Union. 5G networks are fundamentally different than prior wireless networks in that they are largely...
Silver Peak Systems EdgeConnect SD-WAN Input Validation Error Vulnerability
Silver Peak Systems EdgeConnect SD-WAN is a suite of software-defined, wide-area networking platforms from Silver Peak Systems, USA. The platform provides path conditioning, application classification, routing and virtual WAN overlay. An input validation error vulnerability exists in Silver Peak...
Important: Red Hat Security Advisory: ceph security update
An update is now available for Red Hat Ceph Storage 3.3 on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 3.3 security, bug fix, and enhancement update
An update is now available for Red Hat Ceph Storage 3.3 on Ubuntu 16.04. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 3.3 security, bug fix, and enhancement update
An update is now available for Red Hat Ceph Storage 3.3 on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Google Chrome 74.0.3729.0 76.0.3789.0 - Heap Use-After-Free in blink::PresentationAvailabilityState::UpdateAvailability
Google Chrome 74.0.3729.0 76.0.3789.0 - Heap Use-After-Free in blink::PresentationAvailabilityState::UpdateAvailability iterating&iteratinglisteners, true; for auto& listenerref : availabilitylisteners auto listener = listenerref.get; if !listener-urls.Containsurl continue; auto screenavailabilit...
Citrix SD-WAN Center/Appliance Multiple Vulnerabilities
Citrix SD-WAN Center is a centralized management system for configuring, monitoring, and analyzing all Citrix SD-WAN devices on the WAN. Multiple vulnerabilities exist in Citrix SD-WAN Center/Appliance that can be exploited by attackers to obtain sensitive information...
CVE-2019-13175
Read the Docs before 3.5.1 has an Open Redirect if certain user-defined redirects are used. This affects private instances of Read the Docs in addition to the public readthedocs.org web sites...
CVE-2019-13175
Read the Docs before 3.5.1 has an Open Redirect if certain user-defined redirects are used. This affects private instances of Read the Docs in addition to the public readthedocs.org web sites...
Product release: Virtuozzo Infrastructure Platform 3.0
In this release, Virtuozzo Infrastructure Platform offers a wide range of new features that enhance the experience of users working with compute virtualization and software-defined networking functionalities. Additionally, the update delivers stability improvements and addresses bugs found in...
Qualys Cloud Platform (VM, PC) 8.20 New Features
This new release of the Qualys Cloud Platform VM, PC, version 8.20, includes several new features in Qualys Cloud Platform and additional support for multiple technologies in Qualys Policy Compliance. Feature Highlights Qualys Cloud Platform Configure Password Expiration Notification – Now users...
MacOS Malicious File Detection: User Defined Malware
Binary data macosmalwareuserfilescan.nbin...
Linux Malicious File Detection: User Defined Malware
Binary data linuxmalwareuserfilescan.nbin...
The vulnerability in the software-defined Cisco SD-WAN web interface, related to insufficient validation of input data, allows a malicious actor to execute arbitrary commands with root privileges.
The vulnerability of the software-defined Cisco SD-WAN Web UI is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary commands with root privileges...
The vulnerability of the command-line interface of the programmatically defined Cisco SD-WAN network, related to authentication errors, allows a malicious actor to elevate their privileges to the root level.
The vulnerability of the command-line interface of the programmatically defined Cisco SD-WAN network is related to authentication errors. Exploiting this vulnerability can allow an attacker to elevate their privileges to the root level...