Lucene search
K

9164 matches found

The Hacker News
The Hacker News
added 2019/07/12 8:9 a.m.3 views

Cybersecurity Frameworks — Types, Strategies, Implementation and Benefits

Organizations around the world are wondering how to become immune from cyber attacks which are evolving every day with more sophisticated attack vectors. IT teams are always on the lookout for new ransomware and exploit spreading in the wild, but can all these unforeseen cyber attacks be prevente...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2019/07/12 8:9 a.m.236 views

Cybersecurity Frameworks — Types, Strategies, Implementation and Benefits

Organizations around the world are wondering how to become immune from cyber attacks which are evolving every day with more sophisticated attack vectors. IT teams are always on the lookout for new ransomware and exploit spreading in the wild, but can all these unforeseen cyber attacks be prevente...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2019/07/11 12:0 p.m.134 views

Implementing Bug Bounty Programs: The Right and Wrong Approaches

While bug-bounty programs may seem like a cure-all solution for companies looking discover vulnerabilities in their systems more efficiently, the fact remains that a program could overwhelm a firm’s internal security team and cause other major headaches if implemented the wrong way. “You have to...

7.4AI score
Exploits0References4
Mageia
Mageia
added 2019/07/10 10:44 a.m.36 views

Updated microcode package fixes security vulnerability

Secure Encrypted Virtualization SEV on Advanced Micro DevicesAMD Platform Security Processor PSP; aka AMD Secure Processor or AMD-SP 0.17 build 11 and earlier has an insecure cryptographic implementation. This update provides Amd SEV Firmware to 0.17 build 22 CVE-2019-9836. It also updates the...

5.3CVSS1.7AI score0.01609EPSS
Exploits1References1
Prion
Prion
added 2019/07/03 7:15 p.m.12 views

Design/Logic Flaw

In FreeBSD 12.0-STABLE before r349622, 12.0-RELEASE before 12.0-RELEASE-p7, 11.3-PRERELEASE before r349624, 11.3-RC3 before 11.3-RC3-p1, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in iconv implementation may allow an attacker to write past the end of an output buffer. Depending on the...

7.5CVSS9.7AI score0.04861EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2019/07/03 6:51 p.m.20 views

CVE-2019-5601

Removed by vendor...

6.5CVSS6.5AI score0.01567EPSS
Exploits0
OSV
OSV
added 2019/07/02 8:31 a.m.3 views

SUSE-SU-2019:14111-1 Security update for dbus-1

This update for dbus-1 fixes the following issues: Security issue fixed: - CVE-2019-12749: Fixed an implementation flaw in DBUSCOOKIESHA1 which could have allowed local attackers to bypass authentication bsc1137832...

7.1CVSS6.8AI score0.00555EPSS
Exploits0References3
Zero Day Initiative
Zero Day Initiative
added 2019/07/02 12:0 a.m.21 views

Advantech WebAccess Node viewsrv fClose Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x277B IOCTL in the webvrpcs process. The issue resul...

9.8CVSS2.5AI score0.10665EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2019/07/02 12:0 a.m.20 views

Advantech WebAccess Node viewsrv SQLNumResultCols Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x27E7 IOCTL in the webvrpcs process. The issue resul...

9.8CVSS2.3AI score0.10665EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2019/07/02 12:0 a.m.26 views

Advantech WebAccess Node viewsrv ftell Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x277F IOCTL in the webvrpcs process. The issue resul...

9.8CVSS2.5AI score0.10665EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2019/07/01 12:0 a.m.24 views

openSUSE: Security Advisory for dbus-1 (openSUSE-SU-2019:1671-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.1CVSS7.4AI score0.00555EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2019/06/30 12:0 a.m.80 views

Security update for tomcat (moderate)

openSUSE Security Update: Security update for tomcat Announcement ID: openSUSE-SU-2019:1673-1 Rating: moderate References: 1111966 1131055 1136085 Cross-References: CVE-2019-0199 CVE-2019-0221 Affected Products: openSUSE Leap 15.0 An update that solves two vulnerabilities and has one errata is no...

7.5CVSS7.4AI score0.72855EPSS
Exploits3References3
Prion
Prion
added 2019/06/28 10:15 p.m.16 views

Design/Logic Flaw

An incorrect implementation of a local web server in eID client Windows version before 3.1.2, Linux version before 3.0.3 allows remote attackers to execute arbitrary code .cgi, .pl, or .php or delete arbitrary files via a crafted HTML page. This is a product from the Ministry of Interior of the...

6.8CVSS8.6AI score0.03658EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2019/06/27 5:15 p.m.14 views

CVE-2019-5822

Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

8.8CVSS8.2AI score0.01872EPSS
Exploits0References8
Prion
Prion
added 2019/06/27 5:15 p.m.21 views

Design/Logic Flaw

Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

6.8CVSS7.8AI score0.01872EPSS
Exploits0References8Affected Software5
Debian CVE
Debian CVE
added 2019/06/27 4:13 p.m.23 views

CVE-2019-5822

Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

8.8CVSS5.9AI score0.01872EPSS
Exploits0
0day.today
0day.today
added 2019/06/27 12:0 a.m.256 views

AMD Secure Encrypted Virtualization (SEV) Key Recovery Vulnerability

AMD Secure Encrypted Virtualization SEV is a hardware memory encryption feature. SEV protects guest virtual machines from the hypervisor, provides confidentiality guarantees at runtime and remote attestation at launch time. The SEV elliptic-curve ECC implementation was found to be vulnerable to a...

0.5AI score0.01609EPSS
Exploits1
NVD
NVD
added 2019/06/25 9:15 p.m.15 views

CVE-2019-9836

Secure Encrypted Virtualization SEV on Advanced Micro Devices AMD Platform Security Processor PSP; aka AMD Secure Processor or AMD-SP 0.17 build 11 and earlier has an insecure cryptographic implementation...

5.3CVSS5.2AI score0.01609EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2019/06/25 9:15 p.m.32 views

CVE-2019-9836

Secure Encrypted Virtualization SEV on Advanced Micro Devices AMD Platform Security Processor PSP; aka AMD Secure Processor or AMD-SP 0.17 build 11 and earlier has an insecure cryptographic implementation...

5.3CVSS6.4AI score0.01609EPSS
Exploits1References4
CVE
CVE
added 2019/06/25 8:17 p.m.278 views

CVE-2019-9836

Technical details about CVE-2019-9836 are not publicly available in the provided connected documents. The materials reference kernel-firmware updates and CVE linkage, but do not specify affected products/versions, root cause, or fixes. Monitor for updates.

5.3CVSS5.1AI score0.01609EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder