ALPINE-CVE-2019-19583

An issue was discovered in Xen through 4.12.x allowing x86 HVM/PVH guest OS users to cause a denial of service guest OS crash because VMX VMEntry checks mishandle a certain case. Please see XSA-260 for background on the MovSS shadow. Please see XSA-156 for background on the need for DB...

CVE-2019-19583

An issue was discovered in Xen through 4.12.x allowing x86 HVM/PVH guest OS users to cause a denial of service guest OS crash because VMX VMEntry checks mishandle a certain case. Please see XSA-260 for background on the MovSS shadow. Please see XSA-156 for background on the need for DB...

Code injection

An issue was discovered in Xen through 4.12.x allowing x86 HVM/PVH guest OS users to cause a denial of service guest OS crash because VMX VMEntry checks mishandle a certain case. Please see XSA-260 for background on the MovSS shadow. Please see XSA-156 for background on the need for DB...

CVE-2019-19583

An issue was discovered in Xen through 4.12.x allowing x86 HVM/PVH guest OS users to cause a denial of service guest OS crash because VMX VMEntry checks mishandle a certain case. Please see XSA-260 for background on the MovSS shadow. Please see XSA-156 for background on the need for DB...

VMX: VMentry failure with debug exceptions and blocked states

ISSUE DESCRIPTION Please see XSA-260 for background on the MovSS shadow: http://xenbits.xen.org/xsa/advisory-260.html Please see XSA-156 for background on the need for DB interception: http://xenbits.xen.org/xsa/advisory-156.html The VMX VMEntry checks does not like the exact combination of state...

Unspecified vulnerability in Anviz access control devices (CNVD-2019-44976)

Anviz access control devices is an access control device from Anviz China. A security vulnerability exists in the Anviz access control devices. An attacker can exploit the vulnerability to intercept and re-open door requests...

Multiple Huawei Products Data Forgery Issue Vulnerability

The Huawei AR1200, among others, is an enterprise router from Huawei, a Chinese company. A data forgery vulnerability exists in a number of Huawei products. The vulnerability stems from the program failing to adequately verify some fields in a message, which can be exploited by an attacker to cau...

HPSBPI03634 rev. 1 - HP OfficeJet Mobile and Sprocket Printers KNOB Vulnerability

Potential Security Impact Disclosure and Modification of Information Source: HP, HP Product Security Response Team PSRT Reported by: N/A VULNERABILITY SUMMARY Certain HP printers are vulnerable to the Key Negotiation of Bluetooth KNOB attack. Data over Bluetooth can be intercepted, decrypted, and...

CVE-2019-12393

Anviz access control devices are vulnerable to replay attacks which could allow attackers to intercept and replay open door requests...

D Shield suffers from a webshell bypass vulnerability (CNVD-2020-01624)

D Shield is a proactive defense protection software designed specifically for IIS. D Shield suffers from a webshell bypass vulnerability that can be exploited by attackers to bypass the interception of submission data...

D Shield suffers from a webshell bypass vulnerability (CNVD-2020-01623)

D Shield is a proactive defense protection software designed specifically for IIS. D Shield suffers from a webshell bypass vulnerability that can be exploited by attackers to bypass the interception of submission data...

D Shield suffers from a webshell bypass vulnerability (CNVD-2020-02213)

D-Shield is a proactive defense software designed specifically for IIS to prevent websites and servers from being compromised by internal and external protection. D-Shield suffers from a webshell bypass vulnerability. An attacker can use this vulnerability to bypass the interception of submission...

CVE-2019-6665

On BIG-IP ASM 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, BIG-IQ 6.0.0 and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, an attacker with access to the device communication between the BIG-IP ASM Central Policy Builder and the BIG-IQ/Enterprise Manager/F5...

Design/Logic Flaw

On BIG-IP ASM 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, BIG-IQ 6.0.0 and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, an attacker with access to the device communication between the BIG-IP ASM Central Policy Builder and the BIG-IQ/Enterprise Manager/F5...

CVE-2019-6665

On BIG-IP ASM 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, BIG-IQ 6.0.0 and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, an attacker with access to the device communication between the BIG-IP ASM Central Policy Builder and the BIG-IQ/Enterprise Manager/F5...

CVE-2019-6665

CVE-2019-6665 affects BIG-IP ASM (15.0.0–15.0.1, 14.1.0–14.1.2, 14.0.0–14.0.1, 13.1.0–13.1.3.1), BIG-IQ 5.2.0–5.4.0 and 6.x, Enterprise Manager 3.1.1, and F5 iWorkflow 2.3.0. An attacker able to access the device communications between the BIG-IP ASM Central Policy Builder and BIG-IQ/Enterprise M...

Cisco Adaptive Security Appliance Software OSPF LSA Manipulation (cisco-sa-20170727-ospf)

According to its self-reported version, Cisco Adaptive Security Appliance ASA Software is affected by a vulnerability involving the Open Shortest Path First OSPF Routing Protocol Link State Advertisement LSA database. An unauthenticated, remote attacker can exploit this, by injecting crafted OSPF...

DEBIAN-CVE-2019-14822

A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is usi...

Input validation

A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrokes of a victim user who is usi...

CVE-2019-14822

CVE-2019-14822 — ibus local privilege/information exposure . A misconfiguration in the DBus server setup in ibus (versions before 1.5.22) allows any unprivileged user to monitor and send method calls to the ibus bus of another user via the UNIX socket, enabling interception of keystrokes and pote...