Cisco IOS Software for Cisco Integrated Services Routers Generation 2 Denial of Service Vulnerability

A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 ISR G2 Routers running Cisco IOS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerabilit...

CVE-2017-14737

A cryptographic cache-based side channel in the RSA implementation in Botan before 1.10.17, and 1.11.x and 2.x before 2.3.0, allows a local attacker to recover information about RSA secret keys, as demonstrated by CacheD. This occurs because an array is indexed with bits derived from a secret key...

CVE-2017-14737

A cryptographic cache-based side channel in the RSA implementation in Botan before 1.10.17, and 1.11.x and 2.x before 2.3.0, allows a local attacker to recover information about RSA secret keys, as demonstrated by CacheD. This occurs because an array is indexed with bits derived from a secret key...

CVE-2017-14737

A cryptographic cache-based side channel in the RSA implementation in Botan before 1.10.17, and 1.11.x and 2.x before 2.3.0, allows a local attacker to recover information about RSA secret keys, as demonstrated by CacheD. This occurs because an array is indexed with bits derived from a secret key...

CVE-2017-14737

Removed by vendor...

Debian DSA-3981-1 : linux - security update (BlueBorne) (Stack Clash)

Several vulnerabilities have been discovered in the Linux kernel that may lead to privilege escalation, denial of service or information leaks. - CVE-2017-7518 Andy Lutomirski discovered that KVM is prone to an incorrect debug exception DB error occurring while emulating a syscall instruction. A...

USN-3422-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3422-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux...

DEBIAN-CVE-2017-14517

In Poppler 0.59.0, a NULL Pointer Dereference exists in the XRef::parseEntry function in XRef.cc via a crafted PDF document...

[SECURITY] Fedora 26 Update: tomcat-8.0.46-1.fc26

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participator...

Microsoft Bluetooth Driver Spoofing Vulnerability (KB4034786)

This host is missing an important security update according to Microsoft KB4034786 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

CVE-2017-12146

It was found that the driveroverride implementation in base/platform.c in the Linux kernel is susceptible to race condition when different threads are reading vs storing a different driver override...

How to Implement NetScaler Gateway EPA Only for Windows Clients

This article provides provides information on how to implement NetScaler Gateway EPA only for Windows clients not mobile devices connecting from the Internet. Mobile devices cannot run the EPA scan. So, they need to bypass it using either a policy or a different virtual server...

[SECURITY] Fedora 26 Update: mingw-libsoup-2.58.2-1.fc26

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...

Facebook Awards $100K to Researchers for Credential Spearphishing Detection Method

A group of researchers recently identified a real-time way to detect credential spearphishing attacks in enterprise settings. The discovery net the researchers $100,000 last week from Facebook, which awards money as part of its annual Internet Defense Prize partnership with USENIX Association. Th...

Design/Logic Flaw

The OAuth implementation in librest before 0.7.93 incorrectly truncates the pointer returned by the restproxycallgeturl function, which allows remote attackers to cause a denial of service application crash via running the EnsureCredentials method from the org.gnome.OnlineAccounts.Account interfa...

CVE-2015-2675

The OAuth implementation in librest before 0.7.93 incorrectly truncates the pointer returned by the restproxycallgeturl function, which allows remote attackers to cause a denial of service application crash via running the EnsureCredentials method from the org.gnome.OnlineAccounts.Account interfa...

CVE-2015-2675

The OAuth implementation in librest before 0.7.93 incorrectly truncates the pointer returned by the restproxycallgeturl function, which allows remote attackers to cause a denial of service application crash via running the EnsureCredentials method from the org.gnome.OnlineAccounts.Account interfa...

CVE-2015-2675

The OAuth implementation in librest before 0.7.93 incorrectly truncates the pointer returned by the restproxycallgeturl function, which allows remote attackers to cause a denial of service application crash via running the EnsureCredentials method from the org.gnome.OnlineAccounts.Account interfa...

RHEL 6 / 7 : java-1.8.0-ibm (RHSA-2017:2469)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:2469 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java...

JWT cracker - JWT Brute Force Cracker Written in C

A multi-threaded JWT brute-force cracker written in C. If you are very lucky or have a huge computing power, this program should find the secret key of a JWT token, allowing you to forge valid tokens. This is for testing purposes only, do not put yourself in trouble. The tool is based in the Appl...