10037 matches found
A vulnerability of the HelloRetryRequest extension in the Firefox browser allows an attacker to compromise data integrity.
The vulnerability of the HelloRetryRequest extension in the Firefox browser stems from an error in packet sending that may lead the client to negotiate a protocol version lower than TLS 1.3. Exploiting this vulnerability allows a remote attacker to compromise data integrity...
CVE-2020-3283
A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Firepower Threat Defense (FTD) Software when running on the Cisco Firepower 1000 Series platform could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition on an affected...
CVE-2020-3285
A vulnerability in the Transport Layer Security version 1.3 (TLS 1.3) policy with URL category functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured TLS 1.3 policy to block traffic for a specific URL. The vulnerability i...
Cisco Firepower Threat Defense Software SSL/TLS URL Category Bypass Vulnerability
A vulnerability in the Transport Layer Security version 1.3 (TLS 1.3) policy with URL category functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured TLS 1.3 policy to block traffic for a specific URL. The vulnerability i...
Silver Peak Product Trust Management Issue Vulnerability (CNVD-2020-35470)
Silver Peak Systems EdgeConnect SD-WAN is a software-defined, wide-area networking platform from Silver Peak Systems. The platform provides path reconciliation, application classification, routing, and virtual WAN overlays. identify Orchestrator is one of the business orchestration components. A...
CVE-2020-12144
The certificate used to identify the Silver Peak Cloud Portal to EdgeConnect devices is not validated. This makes it possible for someone to establish a TLS connection from EdgeConnect to an untrusted portal...
PT-2020-2229 · Cisco · Cisco Ftd +1
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance (ASA) Software (affected versions not specified); Cisco Firepower Threat Defense (FTD) Software (affected versions not specified). Description: A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security T...
CVE-2020-5888
On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, BIG-IP Virtual Edition (VE) may expose a mechanism for adjacent network (layer 2) attackers to access local daemons and bypass port lockdown settings...
CVE-2020-5881
On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, when the BIG-IP Virtual Edition (VE) is configured with VLAN groups and there are devices configured with OSPF connected to it, the Network Device Abstraction Layer (NDAL) Interfaces can lock up, in turn disrupting the communicatio...
CVE-2020-5881
The CVE-2020-5881 issue affects BIG-IP VE (not the hardware line) in versions 15.0.0–15.1.0.1, 14.1.0–14.1.2.3, and 13.1.0–13.1.3.3. When VLAN groups are configured and OSPF devices are present, NDAL Interfaces may lock up, disrupting communication between the mcpd and tmm processes and causing t...
CVE-2020-5872
On BIG-IP 14.1.0-14.1.2.3, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.4.1, when processing TLS traffic with hardware cryptographic acceleration enabled on platforms with Intel QAT hardware, the Traffic Management Microkernel (TMM) may stop responding and cause a failover event...
F5 Networks BIG-IP : BIG-IP Virtual Edition TMM vulnerability (K73274382)
BIG-IP Virtual Edition (VE) may expose a mechanism for adjacent network (layer 2) attackers to access local daemons and bypass port lockdown settings (CVE-2020-5888). Impact: Hosts in adjacent networks may be able to bypass port lockdown settings on BIG-IP VE hosts. (C) Tenable Network Security, Inc. The...
Debian DSA-4667-1 : linux - security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak. - CVE-2020-2732: Paolo Bonzini discovered that the KVM implementation for Intel processors did not properly handle instruction emulation for L2 guests...
CVE-2019-19101
A missing secure communication definition and an incomplete TLS validation in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, 4.3.11SP, 4.4.9SP, 4.5.5SP, 4.6.4 and 4.7.2 enable unauthenticated users to perform MITM attacks via the B&R upgrade server...
[SECURITY] [DSA 4667-1] linux security update
Debian Security Advisory DSA-4667-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso April 28, 2020 https://www.debian.org/security/faq -...
fontforge: out-of-bounds write in SFD_GetFontMetaData function in sfd.c
An out-of-bounds write was discovered in fontforge while parsing SFD files containing very large LayerCount tokens. The flaw allows an attacker to overwrite data before a buffer allocated on the heap, thus causing the application to crash or execute arbitrary code...
More Insights on The Global DDoS Threat Landscape
Recently, edge services product manager David Elmaleh and Imperva Research Labs’ data scientist Johnathan Azaria shared their DDoS knowledge in a live BrightTalk webinar about the current threat landscape and what you need to do to ensure you are adequately prepared. David and Johnathan not only...
CVE-2020-5864
In versions of NGINX Controller prior to 3.2.0, communication between NGINX Controller and NGINX Plus instances skips TLS verification by default...