2808 matches found
CVE-2019-0060
The vulnerability CVE-2019-0060 affects Juniper Junos OS on SRX Series where the flowd process may crash and restart while processing specific transit IP packets through an IPSec tunnel, potentially causing a Denial of Service (DoS). Affected versions include Junos OS 15.1X49 prior to 15.1X49-D17...
XNU - Remote Double-Free via Data Race in IPComp Input Path
=== Summary === This report describes a bug in the XNU implementation of the IPComp protocol https://tools.ietf.org/html/rfc3173. This bug can be remotely triggered by an attacker who is able to send traffic to a macOS system iOS AFAIK isn't affected over two network interfaces at the same time...
Microsoft Windows cryptoapi - SymCrypt Modular Inverse Algorithm Denial of Service
Microsoft Windows cryptoapi - SymCrypt Modular Inverse Algorithm Denial of Service There's a bug in the SymCrypt multi-precision arithmetic routines that can cause an infinite loop when calculating the modular inverse on specific bit patterns with bcryptprimitives!SymCryptFdefModInvGeneric. I've...
Microsoft Windows cryptoapi - SymCrypt Modular Inverse Algorithm Denial of Service
There's a bug in the SymCrypt multi-precision arithmetic routines that can cause an infinite loop when calculating the modular inverse on specific bit patterns with bcryptprimitives!SymCryptFdefModInvGeneric. I've been able to construct an X.509 certificate that triggers the bug. I've found that...
About the security content of iOS 12.1 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...
CVE-2019-6143
Forcepoint Next Generation Firewall Forcepoint NGFW 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. The...
CVE-2019-6143
Forcepoint Next Generation Firewall Forcepoint NGFW 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. The...
Authentication flaw
Forcepoint Next Generation Firewall Forcepoint NGFW 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. The...
CVE-2019-6143
The CVE-2019-6143 entry concerns Forcepoint Next Generation Firewall (NGFW) platforms. Affected versions include 6.4.x prior to 6.4.7, 6.5.x prior to 6.5.4, and 6.6.x prior to 6.6.2. The flaw is an authentication vulnerability that can allow an unauthorized user to bypass password authentication ...
CVE-2019-6143
Forcepoint Next Generation Firewall Forcepoint NGFW 6.4.x before 6.4.7, 6.5.x before 6.5.4, and 6.6.x before 6.6.2 has a serious authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services protected by the NGFW Engine. The...
nss, nss-softokn, nss-util, and nspr security, bug fix, and enhancement update
nspr 4.21.0-1 - Rebase to NSPR 4.21 nss 3.44.0-4 - Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa 3.44.0-3 - Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v15 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSLENABLESESSIONTICKET...
NewStart CGSL MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0004)
The remote NewStart CGSL host, running version MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device HID subsystem in the Linux kernel through 3.11 allow physically proximate...
OPENSUSE-SU-2019:1811-1 Security update for MozillaFirefox
This update for MozillaFirefox, mozilla-nss fixes the following issues: MozillaFirefox to version ESR 60.8: - CVE-2019-9811: Sandbox escape via installation of malicious language pack bsc1140868. - CVE-2019-11711: Script injection within domain through inner window reuse bsc1140868. -...
SUSE-SU-2019:1861-2 Security update for MozillaFirefox
This update for MozillaFirefox, mozilla-nss fixes the following issues: MozillaFirefox to version ESR 60.8: - CVE-2019-9811: Sandbox escape via installation of malicious language pack bsc1140868. - CVE-2019-11711: Script injection within domain through inner window reuse bsc1140868. -...
openSUSE Security Update : MozillaFirefox (openSUSE-2019-1782)
This update for MozillaFirefox, mozilla-nss fixes the following issues : MozillaFirefox to version ESR 60.8 : - CVE-2019-9811: Sandbox escape via installation of malicious language pack bsc1140868. - CVE-2019-11711: Script injection within domain through inner window reuse bsc1140868. -...
OPENSUSE-SU-2019:1782-1 Security update for MozillaFirefox
This update for MozillaFirefox, mozilla-nss fixes the following issues: MozillaFirefox to version ESR 60.8: - CVE-2019-9811: Sandbox escape via installation of malicious language pack bsc1140868. - CVE-2019-11711: Script injection within domain through inner window reuse bsc1140868. -...
SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2019:1869-1)
This update for MozillaFirefox, mozilla-nss fixes the following issues : MozillaFirefox to version ESR 60.8 : CVE-2019-9811: Sandbox escape via installation of malicious language pack bsc1140868. CVE-2019-11711: Script injection within domain through inner window reuse bsc1140868. CVE-2019-11712:...
SUSE-SU-2019:1869-1 Security update for MozillaFirefox
This update for MozillaFirefox, mozilla-nss fixes the following issues: MozillaFirefox to version ESR 60.8: - CVE-2019-9811: Sandbox escape via installation of malicious language pack bsc1140868. - CVE-2019-11711: Script injection within domain through inner window reuse bsc1140868. -...
SUSE-SU-2019:1861-3 Security update for MozillaFirefox
This update for MozillaFirefox, mozilla-nss fixes the following issues: MozillaFirefox to version ESR 60.8: - CVE-2019-9811: Sandbox escape via installation of malicious language pack bsc1140868. - CVE-2019-11711: Script injection within domain through inner window reuse bsc1140868. -...
Fedora Update for libreswan FEDORA-2019-1bd9cfb718
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...