
10036 matches found

CNVD
added 2019/08/11 12:0 a.m. · 0 views

Command Execution Vulnerability in Netcom's Next Generation Firewall (NGFW)

Netcom Next Generation Firewall (NGFW) is a high-performance application layer firewall launched by Netcom Technology that can comprehensively deal with network threats. A command execution vulnerability exists in NGFW. An attacker can inject commands and execute them after logging in with a defaul...

7.5 AI score
Exploits 0
Prion
added 2019/08/08 5:15 p.m. · 22 views

Information disclosure

Huawei smart phones Honor V20 with the versions before 9.0.1.161C00E161R2P2 have an information leak vulnerability. An attacker may trick a user into installing a malicious application. Due to coding error during layer information processing, attackers can exploit this vulnerability to obtain som...

4.3 CVSS · 3.7 AI score · 0.00537 EPSS
Exploits 0 · References 1 · Affected Software 1
OSV
added 2019/08/08 8:15 a.m. · 1 views

CVE-2019-1951

A vulnerability in the packet filtering features of Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic filters. The vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this vulnerability by...

5.8 CVSS · 6.3 AI score · 0.01455 EPSS
Exploits 0 · References 1
OSV
added 2019/08/08 8:15 a.m. · 2 views

CVE-2019-1957

A vulnerability in the web interface of Cisco IoT Field Network Director could allow an unauthenticated, remote attacker to trigger high CPU usage, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of Transport Layer Security (TLS)...

7.5 CVSS · 6.4 AI score · 0.01967 EPSS
Exploits 0 · References 1
CNVD
added 2019/08/08 12:0 a.m. · 1 views

Cisco SD-WAN Solution Packet Filter Bypass Vulnerability

Cisco SD-WAN Solution is a suite of network extension solutions from Cisco. A packet filter bypass vulnerability exists in Cisco SD-WAN Solution version 19.1.0 and earlier. The vulnerability stems from improper traffic filtering conditions on the affected device. An attacker can exploit this...

5.8 CVSS · 7 AI score · 0.01455 EPSS
Exploits 0 · References 1
Positive Technologies
added 2019/08/07 12:0 a.m. · 3 views

PT-2019-3172 · Cisco · Cisco Ftd

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Threat Defense (FTD) Software (affected versions not specified). Description: A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine could allow an unauthenticated, remote attacker t...

7.5 CVSS · 7 AI score · 0.01493 EPSS
Exploits 0 · References 3
CNVD
added 2019/08/07 12:0 a.m. · 1 views

Cisco Firepower Threat Defense Policy Bypass Vulnerability

Cisco Firepower Threat Defense (FTD) is a suite of unified software from the U.S. company Cisco that provides next-generation firewall services. A policy bypass vulnerability exists in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine in Cisco FTD versions...

7.5 CVSS · 6.8 AI score · 0.01493 EPSS
Exploits 0 · References 1
Prion
added 2019/08/06 8:15 p.m. · 24 views

Design/Logic Flaw

NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software uses an API function or data structure in a way that relies on properties that are not always guaranteed to be valid, which may lead to...

4.9 CVSS · 6.9 AI score · 0.00299 EPSS
Exploits 0 · References 2
RedHat Linux
added 2019/08/06 1:1 p.m. · 2 views

tomcat: Host name verification missing in WebSocket client

The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88...

7.5 CVSS · 7.2 AI score · 0.213 EPSS
Exploits 0 · References 4
RedHat Linux
added 2019/08/06 12:52 p.m. · 4 views

python: NULL pointer dereference using a specially crafted X509 certificate

A null pointer dereference vulnerability was found in the certificate parsing code in Python. This causes a denial of service to applications when parsing specially crafted certificates. This vulnerability is unlikely to be triggered if the application enables SSL/TLS certificate validation and accep...

7.5 CVSS · 6.8 AI score · 0.20743 EPSS
Exploits 1 · References 5
Tenable Nessus
added 2019/08/05 12:0 a.m. · 60 views

McAfee ePolicy Orchestrator Insufficient Transport Layer Protection (SB10286)

The remote host is running a version of McAfee ePolicy Orchestrator that is affected by insufficient transport layer protection. The ePO Agent Handler can incorrectly revert to plain text communication with the configured SQL server. A remote, unauthenticated attacker could exploit this to view...

6.8 CVSS · 6.3 AI score · 0.01119 EPSS
Exploits 0 · References 2
OSV
added 2019/08/02 5:15 p.m. · 2 views

CVE-2017-18445

cPanel before 64.0.21 does not enforce demo restrictions for SSL API calls (SEC-249)...

4.3 CVSS · 5.8 AI score · 0.00633 EPSS
Exploits 0 · References 2
Cvelist
added 2019/07/31 5:25 p.m. · 28 views

CVE-2019-1901 Cisco Nexus 9000 Series ACI Mode Switch Software Link Layer Discovery Protocol Buffer Overflow Vulnerability

A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an adjacent, unauthenticated attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges. T...

8.8 CVSS · 9.1 AI score · 0.01082 EPSS
Exploits 0 · References 1
OSV
added 2019/07/31 5:15 p.m. · 2 views

ALPINE-CVE-2019-5058

An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...

8.8 CVSS · 8.1 AI score · 0.03616 EPSS
Exploits 0 · References 1
CNVD
added 2019/07/31 12:0 a.m. · 1 views

OpenSSL Unspecified Vulnerability

OpenSSL is an open source, general-purpose cryptographic library from the OpenSSL team that implements the Secure Sockets Layer (SSLv2/v3) and Transport Layer Security (TLSv1) protocols. The product supports a variety of cryptographic algorithms, including symmetric ciphers, hash algorithms,...

3.3 CVSS · 9.2 AI score · 0.00678 EPSS
Exploits 0 · References 1
Positive Technologies
added 2019/07/31 12:0 a.m. · 4 views

PT-2019-2986 · Cisco · Cisco Nexus 9000 Series

Name of the Vulnerable Software and Affected Versions: Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software versions prior to 13.27f or any 14.x release. Description: A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem could allow an adjacent,...

8.8 CVSS · 9.1 AI score · 0.01082 EPSS
Exploits 0 · References 3
RedHat Linux
added 2019/07/30 7:50 p.m. · 2 views

nss: PKCS#1 v1.5 signatures can be used for TLS 1.3

A vulnerability exists where it is possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by the server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerabilit...

5.3 CVSS · 6.7 AI score · 0.01741 EPSS
Exploits 0 · References 5
RedHat Linux
added 2019/07/30 10:39 a.m. · 1 views

QEMU: slirp: heap buffer overflow in tcp_emu()

A heap buffer overflow issue was found in the SLiRP networking implementation of the QEMU emulator. It occurs in the tcp_emu() routine while emulating the Identification protocol and copying message data to a socket buffer. A user or process could use this flaw to crash the QEMU process on the host...

7.8 CVSS · 7.5 AI score · 0.00615 EPSS
Exploits 0 · References 4
CNVD
added 2019/07/30 12:0 a.m. · 2 views

INSIDE Secure MatrixSSL Buffer Overflow Vulnerability (CNVD-2020-22363)

INSIDE Secure MatrixSSL is an embedded, open source SSLv3 stack from INSIDE Secure, France, designed for small applications and devices. INSIDE Secure MatrixSSL suffers from a buffer overflow vulnerability that stems from the DTLS server not properly handling incoming network messages. An attacke...

9.8 CVSS · 7.7 AI score · 0.03632 EPSS
Exploits 1 · References 1
BDU FSTEC
added 2019/07/30 12:0 a.m. · 3 views

The vulnerabilities of the microprogramming software used in Cisco Adaptive Security Appliance Software (ASA) and Cisco Firepower Threat Defense (FTD) allow attackers to trigger a system reboot or cause a service failure.

The vulnerability of Microprogramming Software for Cisco Adaptive Security Appliance Software (ASA) and Cisco Firepower Threat Defense (FTD) is related to incomplete verification of input data for SSL and TLS protocol headers. Exploitation of this vulnerability can allow a malicious actor to trigger ...

8.6 CVSS · 5.5 AI score · 0.02464 EPSS
Exploits 0 · References 2 · Affected Software 2