77 matches found
kernel: null pointer dereference in dlpar_parse_cc_property in arch/powerrc/platforms/pseries/dlpar.c causing denial of service
A flaw was found in the way Linux kernel's Dynamic Logical Partitioning DLPAR functionality on PowerPC systems handled low memory conditions on device discovery. An attacker who can change the LPAR configuration and incur low memory conditions at the same time could use this flaw to crash the...
CVE-2020-15666
When trying to load a non-video in an audio/video context the exact status code 200, 302, 404, 500, 412, 403, etc. was disclosed via the MediaError Message. This level of information leakage is inconsistent with the standardized onerror/onsuccess disclosure and can lead to inferring login status ...
Code injection
When trying to load a non-video in an audio/video context the exact status code 200, 302, 404, 500, 412, 403, etc. was disclosed via the MediaError Message. This level of information leakage is inconsistent with the standardized onerror/onsuccess disclosure and can lead to inferring login status ...
kernel: null pointer dereference in dlpar_parse_cc_property in arch/powerrc/platforms/pseries/dlpar.c causing denial of service
A flaw was found in the way Linux kernel's Dynamic Logical Partitioning DLPAR functionality on PowerPC systems handled low memory conditions on device discovery. An attacker who can change the LPAR configuration and incur low memory conditions at the same time could use this flaw to crash the...
OPENSUSE-SU-2020:1282-1 Security update for grub2
This update for grub2 fixes the following issue: - CVE-2020-15705: Fail kernel validation without shim protocol bsc1174421. - Add fibre channel device's ofpath support to grub-ofpathname and search hint to speed up root device discovery bsc1172745. This update was imported from the...
OPENSUSE-SU-2020:1280-1 Security update for grub2
This update for grub2 fixes the following issues: - CVE-2020-15705: Fail kernel validation without shim protocol bsc1174421. - Add fibre channel device's ofpath support to grub-ofpathname and search hint to speed up root device discovery bsc1172745. This update was imported from the...
CVE-2020-15666
When trying to load a non-video in an audio/video context the exact status code 200, 302, 404, 500, 412, 403, etc. was disclosed via the MediaError Message. This level of information leakage is inconsistent with the standardized onerror/onsuccess disclosure and can lead to inferring login status ...
UBUNTU-CVE-2020-15666
When trying to load a non-video in an audio/video context the exact status code 200, 302, 404, 500, 412, 403, etc. was disclosed via the MediaError Message. This level of information leakage is inconsistent with the standardized onerror/onsuccess disclosure and can lead to inferring login status ...
SUSE-SU-2020:2307-1 Security update for grub2
This update for grub2 fixes the following issues: - CVE-2020-15705: Fail kernel validation without shim protocol bsc1174421. - Add fibre channel device's ofpath support to grub-ofpathname and search hint to speed up root device discovery bsc1172745...
SUSE-SU-2020:2306-1 Security update for grub2
This update for grub2 fixes the following issue: - CVE-2020-15705: Fail kernel validation without shim protocol bsc1174421. - Add fibre channel device's ofpath support to grub-ofpathname and search hint to speed up root device discovery bsc1172745...
SUSE-SU-2020:2303-1 Security update for grub2
This update for grub2 fixes the following issues: - CVE-2020-15705: Fail kernel validation without shim protocol bsc1174421. - Add fibre channel device's ofpath support to grub-ofpathname and search hint to speed up root device discovery bsc1172745...
kernel: null pointer dereference in dlpar_parse_cc_property in arch/powerrc/platforms/pseries/dlpar.c causing denial of service
A flaw was found in the way Linux kernel's Dynamic Logical Partitioning DLPAR functionality on PowerPC systems handled low memory conditions on device discovery. An attacker who can change the LPAR configuration and incur low memory conditions at the same time could use this flaw to crash the...
CVE-2019-12614
A flaw was found in the way Linux kernel's Dynamic Logical Partitioning DLPAR functionality on PowerPC systems handled low memory conditions on device discovery. An attacker who can change the LPAR configuration and incur low memory conditions at the same time could use this flaw to crash the...
Debian DLA-1805-1 : minissdpd security update
It was discovered that there was a use after free vulnerability in minissdpd, a network device discovery daemon. A remote attacker could abuse this to crash the process. For Debian 8 'Jessie', this issue has been fixed in minissdpd version 1.2.20130907-3+deb8u2. We recommend that you upgrade your...
[SECURITY] [DLA 1805-1] minissdpd security update
Package : minissdpd Version : 1.2.20130907-3+deb8u2 CVE ID : CVE-2019-12106 Debian Bug : 929297 It was discovered that there was a use after free vulnerability in minissdpd, a network device discovery daemon. A remote attacker could abuse this to crash the process. For Debian 8 "Jessie", this iss...
Cambium Multiple Vulnerabilities
Exploit for hardware platform in category remote exploits Cambium Multiple Vulnerabilities Vulnerabilities Summary The following advisory describes three 3 vulnerabilities found in Cambium Network Updater Tool and Networks Services Server. The Network Updater Tool is “a free-of-charge tool that...
Moxa UDP Device Discovery
The Moxa protocol listens on 4800/UDP and will respond to broadcast or direct traffic. The service is known to be used on Moxa devices in the NPort, OnCell, and MGate product lines. A discovery packet compels a Moxa device to respond to the sender with some basic device information that is needed...
ICS SCADA NSA Situational Awareness: Grassmarlin
ICS SCADA NSA Situational Awareness: Grassmarlin Provide IP network situational awareness of industrial control systems ICS and Supervisory Control and Data Acquisition SCADA networks to support network security. Passively map, and visually display, an ICS/SCADA network topology while safely...
Fing - Find out Which Devices are Connected to your Wi-Fi Network
Find out which devices are connected to your Wi-Fi network, in just a few seconds. Fast and accurate, Fing is a professional App for network analysis. A simple and intuitive interface helps you evaluate security levels, detect intruders and resolve network issues. Discovers all devices connected ...
Path traversal vulnerability in EMC M&R (Watch4net) Device Discovery
------------------------------------------------------------------------ Path traversal vulnerability in EMC M&R Watch4net Device Discovery ------------------------------------------------------------------------ Han Sahin, November 2014...