9165 matches found
CVE-2018-18056
An issue was discovered in the Texas Instruments TI TM4C, MSP432E and MSP432P microcontroller series. The eXecute-Only-Memory XOM implementation prevents code read-outs on protected memory by generating bus faults. However, single-stepping and using breakpoints is allowed in XOM-protected flash...
Buffer overflow
An issue was discovered in the Texas Instruments TI TM4C, MSP432E and MSP432P microcontroller series. The eXecute-Only-Memory XOM implementation prevents code read-outs on protected memory by generating bus faults. However, single-stepping and using breakpoints is allowed in XOM-protected flash...
One simple action you can take to prevent 99.9 percent of attacks on your accounts
There are over 300 million fraudulent sign-in attempts to our cloud services every day. Cyberattacks aren’t slowing down, and it’s worth noting that many attacks have been successful without the use of advanced technology. All it takes is one compromised credential or one legacy application to...
The vulnerability of the stealth mode feature in the LibreOffice office software package allows a intruder to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.
The vulnerability of the stealth mode feature in the LibreOffice office software package is related to the incorrect implementation of security mechanisms. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to protected information, execute...
Design/Logic Flaw
RIOT through 2019.07 contains a memory leak in the TCP implementation gnrctcp, allowing an attacker to consume all memory available for network packets and thus effectively stopping all network threads from working. This is related to receive in sys/net/gnrc/transportlayer/tcp/gnrctcpeventloop.c...
CVE-2019-15134
RIOT through 2019.07 contains a memory leak in the TCP implementation gnrctcp, allowing an attacker to consume all memory available for network packets and thus effectively stopping all network threads from working. This is related to receive in sys/net/gnrc/transportlayer/tcp/gnrctcpeventloop.c...
CVE-2019-15134
CVE-2019-15134 affects RIOT OS (GNRC TCP) up through 2019.07. The issue is a memory leak in the TCP implementation (gnrc_tcp) triggered in _receive within sys/net/gnrc/transport_layer/tcp/gnrc_tcp_eventloop.c when an ACK is received before a SYN. This can cause unbounded memory consumption for ne...
openSUSE: Security Advisory for java-11-openjdk (openSUSE-SU-2019:1916-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2019:1916-1 Security update for java-11-openjdk
This update for java-11-openjdk to version jdk-11.0.4+11 fixes the following issues: Security issues fixed: - CVE-2019-2745: Improved ECC Implementation bsc1141784. - CVE-2019-2762: Exceptional throw cases bsc1141782. - CVE-2019-2766: Improve file protocol handling bsc1141789. - CVE-2019-2769:...
OPENSUSE-SU-2019:1912-1 Security update for java-1_8_0-openjdk
This update for java-180-openjdk to version 8u222 fixes the following issues: Security issues fixed: - CVE-2019-2745: Improved ECC Implementation bsc1141784. - CVE-2019-2762: Exceptional throw cases bsc1141782. - CVE-2019-2766: Improve file protocol handling bsc1141789. - CVE-2019-2769: Better...
Security update for java-1_8_0-openjdk (important)
openSUSE Security Update: Security update for java-180-openjdk Announcement ID: openSUSE-SU-2019:1912-1 Rating: important References: 1115375 1141780 1141782 1141783 1141784 1141785 1141786 1141787 1141789 Cross-References: CVE-2019-2745 CVE-2019-2762 CVE-2019-2766 CVE-2019-2769 CVE-2019-2786...
Information Disclosure
kernel is vulnerable to information disclosure. A Spectre gadget was found in the Linux kernel's implementation of system interrupts. An attacker with local access could use this information to reveal private data through a Spectre like side channel...
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4095-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4095-1 advisory. Eli Biham and Lior Neumann discovered that the Bluetooth implementation in the Linux kernel did not properly validate elliptic curve parameters during...
Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4093-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4093-1 advisory. It was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. An attacker could use this to cause...
USN-4094-1: Linux kernel vulnerabilities
It was discovered that the alarmtimer implementation in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. CVE-2018-13053 Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track...
MGASA-2019-0220 Updated kernel packages fix security vulnerabilities
This kernel update provides an update to the kernel 5.2 series, currently based on 5.2.7 adding support for newer hardware and other new features. It also fixes at least the following security issues: A Spectre SWAPGS gadget was found in the Linux kernel's implementation of system interrupts. An...
Sensitive Data Exposure
Overview Versions of msrcrypto prior to 1.4.1 are vulnerable to Sensitive Data Exposure. The package's Elliptic Curve Cryptography ECC implementation may leak information about a server's private ECC key. It can also allow attackers to craft invalid ECDSA signatures that pass as valid. There is n...
Ubuntu 16.04 LTS : OpenJDK 8 vulnerabilities (USN-4080-1)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4080-1 advisory. Keegan Ryan discovered that the ECC implementation in OpenJDK was not sufficiently resilient to side- channel attacks. An attacker could possibly use thi...
Oracle Linux 7 : kernel (ELSA-2019-1873)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-1873 advisory. - net tcp: enforce tcpminsndmss in tcpmtuprobing Florian Westphal 1719914 1719915 CVE-2019-11479 - net tcp: add tcpminsndmss sysctl Florian Westphal...
Debian DSA-4495-1 : linux - security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. - CVE-2018-20836 chenxiang reported a race condition in libsas, the kernel subsystem supporting Serial Attached SCSI SAS devices, which could lead to a...