Design/Logic Flaw
A vulnerability in the XML parser code of Cisco Firepower Device Manager On-Box software could allow an authenticated, remote attacker to cause an affected system to become unstable or reload. The vulnerability is due to insufficient hardening of the XML parser configuration. An attacker could...
CVE-2020-3310 Cisco Firepower Device Manager On-Box Software XML Parsing Vulnerability
A vulnerability in the XML parser code of Cisco Firepower Device Manager On-Box software could allow an authenticated, remote attacker to cause an affected system to become unstable or reload. The vulnerability is due to insufficient hardening of the XML parser configuration. An attacker could...
Cisco Firepower Device Manager On-Box Software XML Parsing Vulnerability
A vulnerability in the XML parser code of Cisco Firepower Device Manager On-Box software could allow an authenticated, remote attacker to cause an affected system to become unstable or reload. The vulnerability is due to insufficient hardening of the XML parser configuration. An attacker could...
Application Compatibility Update for Windows XP Professional x64 edition, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Embedded Standard 7, and Windows Server 2008 R2: October 2010
Application Compatibility Update for Windows XP Professional x64 edition, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Embedded Standard 7, and Windows Server 2008 R2: October 2010. INTRODUCTION: Install this update to resolve a set of known application compatibility...
Cisco IOS XR Software BGP MPLS-Based EVPN Denial of Service Vulnerability (cisco-sa-20190515-iosxr-evpn-dos)
According to its self-reported version, Cisco IOS XR Software is affected by a vulnerability in the Border Gateway Protocol (BGP) Multiprotocol Label Switching (MPLS)-based Ethernet VPN (EVPN) implementation of Cisco IOS XR Software that could allow an unauthenticated, adjacent attacker to trigger a denial ...
"Cablehaunt" Cable Modem WebSocket DoS
There exists a buffer overflow vulnerability in certain Cable Modem Spectrum Analyzer interfaces. This overflow is exploitable, but since an exploit would differ between every make, model, and firmware version which also differs from ISP to ISP, this module simply causes a Denial of Service to te...
HPSBPI03643 rev. 1 - Certain HP Enterprise Printers and MFP products - Potential instability of solution
Potential Security Impact: Potential instability of solution. VULNERABILITY SUMMARY: A potential security vulnerability has been identified for certain HP printers and MFPs with Troy solutions. For affected printers with FutureSmart Firmware bundle version 4.9 or 4.9.0.1 the potential vulnerability...
CVE-2019-5293
Some Huawei products have a memory leak vulnerability when handling some messages. A remote attacker with operation privilege could exploit the vulnerability by sending specific messages continuously. Successful exploit may cause some service to be abnormal...
Country of Georgia Suffers Widespread Cyberattack
A cyberattack hit the small country of Georgia, Monday, knocking 2,000 websites as well as the national TV station offline in the largest cyberattack the nation has ever seen. The relatively unsophisticated defacement attack—which replaced normal functionality with an image of former Georgian...
PT-2019-16515 · Oracle +6 · Mysql Server +5
Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 8.0.16 and prior. Description: The issue allows a high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks can result in the unauthorized ability to cause a hang o...
CVE-2019-6634
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, a high volume of malformed analytics report requests leads to instability in the restjavad process. This causes issues with both iControl REST and some portions of TMUI. The attack requires an authenticated user with any...
CVE-2019-6637
CVE-2019-6637 affects BIG-IP ASM: exploitation of REST endpoints by an authenticated user (role: Guest or higher) can trigger excessive memory consumption, causing the Linux kernel OOM killer and potential DoS. Affected: BIG-IP ASM versions 12.1.0–12.1.4, 13.0.0–13.1.1.4, 14.0.0–14.0.0.4, 14.1.0–...
CVE-2019-6634
CVE-2019-6634 affects BIG-IP TMUI and iControl REST. A high volume of malformed analytics report requests can destabilize the restjavad process, requiring an authenticated user with any role and potentially disrupting services. Affected BIG-IP versions include 14.1.0–14.1.0.5, 14.0.0–14.0.0.4, 13...
F5 Networks BIG-IP : iControl REST vulnerability (K29149494)
Application logic abuse of ASM REST endpoints can lead to instability of BIG-IP system. Exploitation of this issue causes excessive memory consumption which results in the Linux kernel triggering OOM killer on arbitrary processes. The attack requires an authenticated user with role of 'Guest' or...
GHSA-83RX-C8CR-6J8Q Insecure Default Configuration in tesseract.js
Versions of tesseract.js prior to 1.0.19 default to using a third-party proxy. Requests may be proxied through crossorigin.me, which clearly states it is not suitable for production use. This may lead to instability and privacy violations. Recommendation: Upgrade to version 1.0.19 or later...
CVE-2019-1849 Cisco IOS XR Software BGP MPLS-Based EVPN Denial of Service Vulnerability
A vulnerability in the Border Gateway Protocol (BGP) Multiprotocol Label Switching (MPLS)-based Ethernet VPN (EVPN) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to a...
SonicOS Download Certificate in Admin GUI Could Cause System Instability
A vulnerability in SonicOS allows an authenticated read-only admin to leave the firewall in an unstable state by downloading a certificate with a specific extension. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0,...
PT-2019-1372 · Cisco · Cisco Firepower Management Center
Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center (affected versions not specified). Description: The issue is related to errors in resource management in the Shell Access Filter feature of Cisco Firepower Management Center. It could allow a remote attacker to...
Buffer overflow
A Buffer Error vulnerability exists in PowerSuite 2, all released versions VW3A8104 & Patches, which could cause an overflow in the memcpy function, leading to corruption of data and program instability...