EulerOS 2.0 SP5 : kernel (EulerOS-SA-2020-1938)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate...
About the security content of watchOS 5.1 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...
NewStart CGSL MAIN 6.01 : unbound Multiple Vulnerabilities (NS-SA-2020-0037)
The remote NewStart CGSL host, running version MAIN 6.01, has unbound packages installed that are affected by multiple vulnerabilities: - Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This...
CVE-2020-12028
In all versions of FactoryTalk View SEA remote, an authenticated attacker may be able to utilize certain handlers to interact with the data on the remote endpoint since those handlers do not enforce appropriate permissions. Rockwell Automation recommends enabling built in security features found...
CVE-2020-12027
All versions of FactoryTalk View SE disclose the hostnames and file paths for certain files within the system. A remote, authenticated attacker may be able to leverage this information for reconnaissance efforts. Rockwell Automation recommends enabling built in security features found within...
Design/Logic Flaw
All versions of FactoryTalk View SE disclose the hostnames and file paths for certain files within the system. A remote, authenticated attacker may be able to leverage this information for reconnaissance efforts. Rockwell Automation recommends enabling built in security features found within...
Design/Logic Flaw
In all versions of FactoryTalk View SEA remote, an authenticated attacker may be able to utilize certain handlers to interact with the data on the remote endpoint since those handlers do not enforce appropriate permissions. Rockwell Automation recommends enabling built in security features found...
CVE-2020-12028 Rockwell Automation FactoryTalk View SE
In all versions of FactoryTalk View SEA remote, an authenticated attacker may be able to utilize certain handlers to interact with the data on the remote endpoint since those handlers do not enforce appropriate permissions. Rockwell Automation recommends enabling built in security features found...
CVE-2020-12028
CVE-2020-12028 affects Rockwell Automation FactoryTalk View SE SCADA (FactoryTalk View SEA remote). The issue arises from handlers that do not enforce permissions, enabling an attacker to interact with remote endpoint data. Exploitation is described as an unauthenticated/remote chain of vulnerabi...
CVE-2020-12027
CVE-2020-12027 affects Rockwell Automation FactoryTalk View SE; all versions disclose hostnames and file paths, enabling recon by a remote, authenticated attacker. Public docs indicate remediation guidance: enable built‑in security features and follow KB guidance 109056/1126943 to deploy IPSec an...
CVE-2020-12027 Rockwell Automation FactoryTalk View SE
All versions of FactoryTalk View SE disclose the hostnames and file paths for certain files within the system. A remote, authenticated attacker may be able to leverage this information for reconnaissance efforts. Rockwell Automation recommends enabling built in security features found within...
openSUSE Security Update : unbound (openSUSE-2020-913)
This update for unbound fixes the following issues : - CVE-2020-12662: Fixed an issue where unbound could have been tricked into amplifying an incoming query into a large number of queries directed to a target (bsc#1171889). - CVE-2020-12663: Fixed an issue where malformed answers from upstream name...
openSUSE Security Update : unbound (openSUSE-2020-912)
This update for unbound fixes the following issues : - CVE-2020-12662: Fixed an issue where unbound could have been tricked into amplifying an incoming query into a large number of queries directed to a target (bsc#1171889). - CVE-2020-12663: Fixed an issue where malformed answers from upstream name...
SUSE SLES15 Security Update : unbound (SUSE-SU-2020:1819-1)
This update for unbound fixes the following issues : CVE-2020-12662: Fixed an issue where unbound could have been tricked into amplifying an incoming query into a large number of queries directed to a target (bsc#1171889). CVE-2020-12663: Fixed an issue where malformed answers from upstream name...
Cisco IOS XE Software IPsec VPN DoS (cisco-sa-iosxe-vpn-dos-edOmW28Z)
According to its self-reported version, Cisco IOS XE Software is affected by a denial of service (DoS) vulnerability in the hardware crypto driver due to insufficient verification of authenticity of received Encapsulating Security Payload (ESP) packets. An attacker could exploit this vulnerability by...
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2020-1783)
The remote host is missing an update for the Huawei EulerOS...
SUSE-SU-2020:1819-1 Security update for unbound
This update for unbound fixes the following issues: - CVE-2020-12662: Fixed an issue where unbound could have been tricked into amplifying an incoming query into a large number of queries directed to a target (bsc#1171889). - CVE-2020-12663: Fixed an issue where malformed answers from upstream name...
EulerOS Virtualization 3.0.6.0 : unbound (EulerOS-SA-2020-1783)
According to the version of the unbound package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a...
Security update for unbound (important)
openSUSE Security Update: Security update for unbound Announcement ID: openSUSE-SU-2020:0912-1 Rating: important References: 1157268 1171889 Cross-References: CVE-2019-18934 CVE-2020-12662 CVE-2020-12663 Affected Products: openSUSE Leap 15.1 An update that fixes three vulnerabilities is now...
CVE-2020-10769
A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload is longer than 4 bytes and does not follow 4-byte alignment boundary guidelines, it causes a buffer over-read...